From b38bc67a603a2e840063fd591cd0f9fa14d9a484 Mon Sep 17 00:00:00 2001
From: Franziska Kunsmann <hi@kunsmann.eu>
Date: Sat, 9 Sep 2023 23:02:08 +0200
Subject: [PATCH] move aurto to hetzner cloud

---
 .../extras/{aurto => htz-cloud.aurto}/aurto   |  0
 nodes/aurto.py                                | 99 -------------------
 nodes/htz-cloud.aurto.toml                    | 65 ++++++++++++
 3 files changed, 65 insertions(+), 99 deletions(-)
 rename data/nginx/files/extras/{aurto => htz-cloud.aurto}/aurto (100%)
 delete mode 100644 nodes/aurto.py
 create mode 100644 nodes/htz-cloud.aurto.toml

diff --git a/data/nginx/files/extras/aurto/aurto b/data/nginx/files/extras/htz-cloud.aurto/aurto
similarity index 100%
rename from data/nginx/files/extras/aurto/aurto
rename to data/nginx/files/extras/htz-cloud.aurto/aurto
diff --git a/nodes/aurto.py b/nodes/aurto.py
deleted file mode 100644
index d7a98c3..0000000
--- a/nodes/aurto.py
+++ /dev/null
@@ -1,99 +0,0 @@
-nodes['aurto'] = {
-    'hostname': '31.47.232.107',
-    'bundles': {
-        'backup-client',
-        'check-mail-received',
-    },
-    'groups': {
-        'arch',
-        'webserver',
-    },
-    'metadata': {
-        'icinga_options': {
-            'also_affected_by': {
-                'rx300',
-            },
-            'period': 'daytime',
-        },
-        'backups': {
-            'paths': {
-                '/var/cache/pacman/aurto',
-            },
-        },
-        'check-mail-received': {
-            't-online': {
-                'email': 'franzi.kunsmann@t-online.de',
-                'imap_host': 'secureimap.t-online.de',
-                'imap_pass': bwpass.attr('t-online.de/franzi.kunsmann@t-online.de', 'imap'),
-            },
-        },
-        'description': [
-            'When adding packages to aurto, please also add those packages to ~/PACKAGES',
-            'Wenn Pakete zu aurto hinzugefügt werden, trage sie bitte auch in ~/PACKAGES ein',
-        ],
-        'interfaces': {
-            'enp1s0': {
-                'ips': {
-                    '31.47.232.107/29',
-                    '2a00:f820:528::3/64',
-                },
-                'gateway4': '31.47.232.105',
-                'gateway6': '2a00:f820:528::1',
-            },
-        },
-        'nginx': {
-            'vhosts': {
-                'aurto': {
-                    'domain': 'aurto.kunbox.net',
-                    'webroot': '/var/cache/pacman/aurto',
-                    'extras': True,
-                },
-            },
-        },
-        'pacman': {
-            'enable_aurto': False,
-            'additional_config': {
-                'Include = /etc/pacman.d/aurto',
-            },
-            'unattended-upgrades': {
-                'is_enabled': True,
-                'hour': 22, # one hour after the host
-            },
-        },
-        'sudo': {
-            'extra_configs': {
-                '50_aurto_passwordless': {
-                    '%wheel ALL=(ALL) NOPASSWD: /usr/bin/arch-nspawn',
-                    '%wheel ALL=(ALL) NOPASSWD: /usr/bin/pacsync aurto',
-                    '%wheel ALL=(ALL) NOPASSWD:SETENV: /usr/bin/makechrootpkg',
-                },
-            },
-        },
-        'users': {
-            'aurto': {
-                'groups': {
-                    'wheel',
-                },
-                'ssh_pubkey': {
-                    # e1mo
-                    'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBfbb4m4o89EumFjE8ichX03CC/mWry0JYaz91HKVJPb e1mo',
-                    'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID9x/kL2fFqQSEyFvdEgiM2UKYAZyV1oct9alS6mweVa e1mo (ssh_0x6D617FD0A85BAADA)',
-                    # f2k1de
-                    'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGrvhqC/tZzpLMs/qy+1xNSVi2mfn8LXPIEhh7dcGn9e',
-                    'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDH5+j2vDW1FHSSEEI/Sf5qiKJq1uoxGO5BPv84mqohvol7GxDFObv69tn7g6HYfZY/SaS75C4ZXy+cKa0xy8UCpF0SBa2xHASkenS9v55oweDL4rYSPARzn2XKt3RFJG/d8V5NOWtcyq5DFSzewUF35E4hx1pUc/CIxgJEem5ZvzvN0hlIKXUN2djkVUx+mz6RryBysLTJEFBamjJxIkvDG/PZU73W4SHaKAYV4Ojz2NY7T5/NYKePfIU5F9pkE3RU0LRj58usvA1eP0PvEArWlGNCd8EJU+HQ5xr2dZ6MKPpEyG0KJkC88DuapeF5RwUV53ZhNpF+QgzpI72fH5up',
-                    # kunsi
-                    'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICYst1HK+gJYhNxzqJGnz4iB73pa89Xz2yH+8wufOcsA',
-                    'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+ja1z5VRQzaKCCePsUM14qMr9QR94qlWc7Je5Poki9UmC1t/TyxRVzcCBL1ZdIfBGx6QKtfkEbvhgb3nxVt3PvXjoJrc6wwGLmNrVsU6B88y35g7nzupQiPKYJwkNzJ9j6Dmkgj1F5Q+aY2SitDaX6vqICLJ4Al/ZFw2IQxVJfC7JXRJ9jRMG5o9gWoE3gWDYEAmw+HU2mNzyeuaD12qJw9DHUimAlgkOWzll3gh9WclsYnnXGrCCn5fyHFUCJl+XXAIy519z7YTpKih02rsIOw5dnaGClBZD/YQu2ZKVFZiwIVH7aBiqHOmtgRyWTQgjbh/fMpIN0ar2f/iZsWYUjd6et48TOmXZYIPCQ5FivXNvxt9oo1XZfq76UHBwlmypLJIWROMbz375n2M6hr3hECuxuPjKEUXAv05KiC1aJ4xc6pFoVhqwAR99hvHw5U4o7/ko2NVjNpTu6Jr5DT5VaQLIdDDjC/93kUjMpdD/8P72bEn7454+WexU6OE6uvNiHj1fetrptr2UAuzVfnCoaV8pBqY7X95gk+lnSENdpr8ltJYMg8s0Z7Pzz0OxsZtzzDY5VmWfC9TCdJkN5lT8IbnaixsYlWdjQl1lMmZGElmelfU3K7YQLAbZiHmHKe4hTl9ZoCcWdTQ3d4y2t1DBos+N2HZNdtFCyOS8esDdMw== cardno:000609506971',
-                    # n0emis
-                    'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcOPtW5FWNIdlMQFoqeyA1vHw+cA8ft8oXSbXPzQNL9 n0emis@n0emis.eu',
-                    'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== simeon@noemis.me (OLD)',
-                },
-            },
-            'kunsi': {
-                'groups': {
-                    'wheel',
-                },
-            },
-        },
-    },
-}
diff --git a/nodes/htz-cloud.aurto.toml b/nodes/htz-cloud.aurto.toml
new file mode 100644
index 0000000..ffa68d1
--- /dev/null
+++ b/nodes/htz-cloud.aurto.toml
@@ -0,0 +1,65 @@
+hostname = "2a01:4f9:c010:95fa::2"
+bundles = ["backup-client"]
+groups = [
+    "arch",
+    "webserver",
+]
+
+[metadata]
+description = [
+    "When adding packages to aurto, please also add those packages to ~/PACKAGES",
+    "Wenn Pakete zu aurto hinzugefügt werden, trage sie bitte auch in ~/PACKAGES ein",
+]
+
+[metadata.icinga_options]
+period = "daytime"
+
+[metadata.backups]
+paths = [
+    "/var/cache/pacman/aurto",
+]
+
+[metadata.interfaces.enp1s0]
+ips = ["2a01:4f9:c010:95fa::2/64"]
+gateway6 = "fe80::1"
+
+[metadata.interfaces.enp7s0]
+ips = ["172.19.137.4/32"]
+gateway4 = "172.19.137.1"
+
+[metadata.nginx.vhosts.aurto]
+domain = "aurto.kunbox.net"
+webroot = "/var/cache/pacman/aurto"
+extras = true
+
+[metadata.pacman]
+enable_aurto = false
+additional_config = [
+    "Include = /etc/pacman.d/aurto",
+]
+
+[metadata.pacman.unattended-upgrades]
+is_enabled = true
+
+[metadata.sudo.extra_configs]
+50_aurto_passwordless = [
+    "%wheel ALL=(ALL) NOPASSWD: /usr/bin/arch-nspawn",
+    "%wheel ALL=(ALL) NOPASSWD: /usr/bin/pacsync aurto",
+    "%wheel ALL=(ALL) NOPASSWD:SETENV: /usr/bin/makechrootpkg",
+]
+
+[metadata.users.aurto]
+groups = ["wheel"]
+ssh_pubkey = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBfbb4m4o89EumFjE8ichX03CC/mWry0JYaz91HKVJPb",
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICYst1HK+gJYhNxzqJGnz4iB73pa89Xz2yH+8wufOcsA",
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID9x/kL2fFqQSEyFvdEgiM2UKYAZyV1oct9alS6mweVa",
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcOPtW5FWNIdlMQFoqeyA1vHw+cA8ft8oXSbXPzQNL9",
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGrvhqC/tZzpLMs/qy+1xNSVi2mfn8LXPIEhh7dcGn9e",
+    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDH5+j2vDW1FHSSEEI/Sf5qiKJq1uoxGO5BPv84mqohvol7GxDFObv69tn7g6HYfZY/SaS75C4ZXy+cKa0xy8UCpF0SBa2xHASkenS9v55oweDL4rYSPARzn2XKt3RFJG/d8V5NOWtcyq5DFSzewUF35E4hx1pUc/CIxgJEem5ZvzvN0hlIKXUN2djkVUx+mz6RryBysLTJEFBamjJxIkvDG/PZU73W4SHaKAYV4Ojz2NY7T5/NYKePfIU5F9pkE3RU0LRj58usvA1eP0PvEArWlGNCd8EJU+HQ5xr2dZ6MKPpEyG0KJkC88DuapeF5RwUV53ZhNpF+QgzpI72fH5up",
+    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+ja1z5VRQzaKCCePsUM14qMr9QR94qlWc7Je5Poki9UmC1t/TyxRVzcCBL1ZdIfBGx6QKtfkEbvhgb3nxVt3PvXjoJrc6wwGLmNrVsU6B88y35g7nzupQiPKYJwkNzJ9j6Dmkgj1F5Q+aY2SitDaX6vqICLJ4Al/ZFw2IQxVJfC7JXRJ9jRMG5o9gWoE3gWDYEAmw+HU2mNzyeuaD12qJw9DHUimAlgkOWzll3gh9WclsYnnXGrCCn5fyHFUCJl+XXAIy519z7YTpKih02rsIOw5dnaGClBZD/YQu2ZKVFZiwIVH7aBiqHOmtgRyWTQgjbh/fMpIN0ar2f/iZsWYUjd6et48TOmXZYIPCQ5FivXNvxt9oo1XZfq76UHBwlmypLJIWROMbz375n2M6hr3hECuxuPjKEUXAv05KiC1aJ4xc6pFoVhqwAR99hvHw5U4o7/ko2NVjNpTu6Jr5DT5VaQLIdDDjC/93kUjMpdD/8P72bEn7454+WexU6OE6uvNiHj1fetrptr2UAuzVfnCoaV8pBqY7X95gk+lnSENdpr8ltJYMg8s0Z7Pzz0OxsZtzzDY5VmWfC9TCdJkN5lT8IbnaixsYlWdjQl1lMmZGElmelfU3K7YQLAbZiHmHKe4hTl9ZoCcWdTQ3d4y2t1DBos+N2HZNdtFCyOS8esDdMw==",
+    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw==",
+]
+
+[metadata.users.kunsi]
+groups = ["wheel"]