matrixfurry.com
Various scripts that I maintain
Remove unmaintained module: Nebula
It is no longer used or maintained, as I've switched to Tailscale.
Signed-off-by: Shiloh Fen <shiloh@shilohfen.com>
-6
README.md
-6
README.md
-44
nushell/nebula/mod.nu
-44
nushell/nebula/mod.nu
···
1
-
# SPDX-License-Identifier: AGPL-3.0-only
2
-
# SPDX-FileCopyrightText: 2025 Shiloh Fen <shiloh@shilohfen.com>
3
-
4
-
const path_data: path = "~/.local/share/nebula" | path expand
5
-
const path_ca_cert: path = $path_data | path join "ca.crt"
6
-
const path_ca_key: path = $path_data | path join "ca.key"
7
-
const path_state: path = $path_data | path join "state.nuon"
8
-
9
-
export def sign [
10
-
name: string
11
-
groups: list<string>
12
-
]: nothing -> record<path_cert: path, path_key: path> {
13
-
if not ($path_ca_key | path exists) {
14
-
error make {
15
-
text: "No CA key found."
16
-
help: "Run submodule `ca` to generate a CA before attempting to sign a device cert."
17
-
}
18
-
}
19
-
20
-
let tmp = mktemp -td "nebula-XXXXX"
21
-
let path_device_cert = $tmp | path join $"($name).crt"
22
-
let path_device_key = $tmp | path join $"($name).key"
23
-
let ip_part = (open $path_state | get last_ip) + 1
24
-
25
-
nebula-cert sign -name $name -ca-crt $path_ca_cert -ca-key $path_ca_key -ip $"192.168.100.($ip_part)/24" -groups ($groups | str join ",") -out-crt $path_device_cert -out-key $path_device_key
26
-
27
-
{last_ip: $ip_part} | save -f $path_state
28
-
29
-
{
30
-
path_cert: $path_device_cert
31
-
path_key: $path_device_key
32
-
}
33
-
}
34
-
35
-
export def ca [
36
-
name: string
37
-
] {
38
-
mkdir $path_data
39
-
nebula-cert ca -name $name -out-crt $path_ca_cert -out-key $path_ca_key -encrypt
40
-
41
-
print "Certificate will be valid for one year. Be sure to set up an alert or calendar event to rotate your CA and certificates before then to ensure continued connectivity!"
42
-
43
-
{last_ip: 0} | save -f $path_state
44
-
}