5 files changed, 166 insertions, 3 deletions

diff --git a/machines/ettves/default.nix b/machines/ettves/default.nix
index c614afb..5a4a8c0 100644
--- a/machines/ettves/default.nix
+++ b/machines/ettves/default.nix
@@ -1,6 +1,7 @@
 { config, lib, pkgs, ... }:
 
-{
+let endpoint = "195.201.245.25";
+in {
   imports = [ ./fs.nix ];
 
   boot.initrd.availableKernelModules = [ "ahci" "nvme" ];
@@ -21,11 +22,12 @@
 
   networking = {
     domain = "vapor.systems";
+    hostName = "ettves";
     hostId = "14e28906";
     dhcpcd.enable = false;
     interfaces.eth0.ipv4.addresses = [
       {
-        address = "195.201.245.25";
+        address = endpoint;
         prefixLength = 26;
       }
       {
@@ -105,4 +107,29 @@
       interface = "eth0";
     };
   };
+
+  pubKey =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIClYZUxD3Xb4bngOT03Bk/PQSwwYiSKuZm7lLoBEesLd root@ettves";
+
+  kubernetes = {
+    role = "server";
+    advertiseAddress = endpoint;
+  };
+
+  wireguard = {
+    enable = true;
+    roaming = true;
+    inherit endpoint;
+    v4 = { address = "10.10.0.1"; };
+    v6 = { address = "1"; };
+    publicKey = "5OTaf4MnSzTcCR10CGSrLFngGa3gdzajbqUKkRF+WlY=";
+    allowedIPs = [ "10.10.0.0/24" "10.102.0.0/24" "fd15:3d8c:d429:102::/72" ];
+  };
+
+  _module.args.nixinate = {
+    host = endpoint;
+    buildOn = "remote";
+    substituteOnTarget = true;
+    hermetic = false;
+  };
 }
diff --git a/machines/fra01/default.nix b/machines/fra01/default.nix
new file mode 100644
index 0000000..059e082
--- /dev/null
+++ b/machines/fra01/default.nix
@@ -0,0 +1,37 @@
+{ config, lib, pkgs, ... }:
+
+let endpoint = "95.179.243.82";
+in
+{
+  networking = {
+    domain = "ns.vapor.systems";
+    hostName = "fra01";
+  };
+
+  pubKey =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB9rBu7L0ktMFpYOqvKyjDoO8a5Y0CfqnCJCGEdE6cOV";
+
+  kubernetes = {
+    role = "agent";
+    externalIP = {
+      v4 = endpoint;
+      v6 = "2001:19f0:6c01:28e5:5400:3ff:fed7:7a2a";
+    };
+  };
+
+  wireguard = {
+    enable = true;
+    inherit endpoint;
+    v4 = { address = "10.10.0.3"; };
+    v6 = { address = "3"; };
+    publicKey = "jw3hiRczS0kQoOYlgofFp23/YZq8mzDaPRto+qVz7iE=";
+    allowedIPs = [ "10.102.5.0/24" "fd15:3d8c:d429:102:500::/72" ];
+  };
+
+  _module.args.nixinate = {
+    host = endpoint;
+    buildOn = "local";
+    substituteOnTarget = true;
+    hermetic = true;
+  };
+}
diff --git a/machines/nyc01/default.nix b/machines/nyc01/default.nix
new file mode 100644
index 0000000..b745897
--- /dev/null
+++ b/machines/nyc01/default.nix
@@ -0,0 +1,37 @@
+{ config, lib, pkgs, ... }:
+
+let endpoint = "207.246.124.62";
+in
+{
+  networking = {
+    domain = "ns.vapor.systems";
+    hostName = "nyc01";
+  };
+
+  pubKey =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC00bSIp5oydOY/SFxPULYFtij5nsZCugdiR3q7PxNqC";
+
+  kubernetes = {
+    role = "agent";
+    externalIP = {
+      v4 = endpoint;
+      v6 = "2001:19f0:5:13df:5400:3ff:fed5:f26c";
+    };
+  };
+
+  wireguard = {
+    enable = true;
+    inherit endpoint;
+    v4 = { address = "10.10.0.4"; };
+    v6 = { address = "4"; };
+    publicKey = "aVIWBqnUhYEwXMuHiUmsU4nKmFhsIj9Nb6rx4TGFvRY=";
+    allowedIPs = [ "10.102.3.0/24" "fd15:3d8c:d429:102:300::/72" ];
+  };
+
+  _module.args.nixinate = {
+    host = endpoint;
+    buildOn = "local";
+    substituteOnTarget = true;
+    hermetic = true;
+  };
+}
diff --git a/machines/phaenn/default.nix b/machines/phaenn/default.nix
index 4f25a5c..5e95592 100644
--- a/machines/phaenn/default.nix
+++ b/machines/phaenn/default.nix
@@ -1,5 +1,7 @@
 { config, lib, pkgs, ... }:
 
+let endpoint = "142.132.159.202";
+in
 {
   imports = [
     ./fs.nix
@@ -19,9 +21,10 @@
 
   networking = {
     domain = "vapor.systems";
+    hostName = "phaenn";
     hostId = "f9274217";
     interfaces.eth0.ipv4.addresses = [{
-      address = "142.132.159.202";
+      address = endpoint;
       prefixLength = 26;
     }];
     interfaces.eth0.ipv6.addresses = [{
@@ -34,4 +37,26 @@
       interface = "eth0";
     };
   };
+
+  pubKey =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFdujV+knnOzP+oW6C42yWRJVhkSR+lcdx+FUsCP3Q1v root@phaenn";
+
+  kubernetes.role = "agent";
+
+  wireguard = {
+    enable = true;
+    roaming = true;
+    inherit endpoint;
+    v4 = { address = "10.10.0.2"; };
+    v6 = { address = "2"; };
+    publicKey = "GmUvA3L8M2+N59my6MeoGwDD8puLOO5/Rbe29WtduBI=";
+    allowedIPs = [ "10.102.1.0/24" "fd15:3d8c:d429:102:100::/72" ];
+  };
+
+  _module.args.nixinate = {
+    host = endpoint;
+    buildOn = "remote";
+    substituteOnTarget = true;
+    hermetic = true;
+  };
 }
diff --git a/machines/sin01/default.nix b/machines/sin01/default.nix
new file mode 100644
index 0000000..267981f
--- /dev/null
+++ b/machines/sin01/default.nix
@@ -0,0 +1,37 @@
+{ config, lib, pkgs, ... }:
+
+let endpoint = "139.180.191.169";
+in
+{
+  networking = {
+    domain = "ns.vapor.systems";
+    hostName = "sin01";
+  };
+
+  pubKey =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJG9bqNAbHaWgiRgvNMntyW9IeLedXCF11KGB0iQsrJH";
+
+  kubernetes = {
+    role = "agent";
+    externalIP = {
+      v4 = endpoint;
+      v6 = "2001:19f0:4400:7d6a:5400:3ff:fed5:f26d";
+    };
+  };
+
+  wireguard = {
+    enable = true;
+    inherit endpoint;
+    v4 = { address = "10.10.0.5"; };
+    v6 = { address = "5"; };
+    publicKey = "0/g1/0fLOvMDKC87hu9fBDA38S8lzO7qJ+akLGTT/lc=";
+    allowedIPs = [ "10.102.4.0/24" "fd15:3d8c:d429:102:400::/72" ];
+  };
+
+  _module.args.nixinate = {
+    host = endpoint;
+    buildOn = "local";
+    substituteOnTarget = true;
+    hermetic = true;
+  };
+}