From 045779ebb5d5ff5a93751800dcc9ecf206d53a20 Mon Sep 17 00:00:00 2001
From: blissful <blissful@sunsetglow.net>
Date: Tue, 19 Dec 2023 00:40:35 -0500
Subject: [PATCH] update tailscale acl

---
 home/default.nix                 |  1 +
 pkgs/decrypt-frieren/default.nix | 16 ++++++++++++++++
 pkgs/default.nix                 |  1 +
 tailscale.policy.json            |  4 ++--
 4 files changed, 20 insertions(+), 2 deletions(-)
 create mode 100644 pkgs/decrypt-frieren/default.nix

diff --git a/home/default.nix b/home/default.nix
index 0a021ff..a3b6204 100644
--- a/home/default.nix
+++ b/home/default.nix
@@ -23,6 +23,7 @@
       curl
       dasel
       decrypt-zen
+      decrypt-frieren
       dnsutils
       exiftool
       fd
diff --git a/pkgs/decrypt-frieren/default.nix b/pkgs/decrypt-frieren/default.nix
new file mode 100644
index 0000000..5900b1d
--- /dev/null
+++ b/pkgs/decrypt-frieren/default.nix
@@ -0,0 +1,16 @@
+{ writeShellScriptBin }:
+
+writeShellScriptBin "decrypt-frieren" ''
+  #!/usr/bin/env bash
+
+  printf "waiting for stage 1 to become available.."
+  while ! timeout 2 ping -c 1 -n 147.135.10.32 &> /dev/null
+  do
+      printf "%c" "."
+  done
+
+  echo
+  echo "-----"
+  echo "stage 1 available, ssh-ing to decrypt"
+  ssh root@147.135.10.32 -p 2222
+''
diff --git a/pkgs/default.nix b/pkgs/default.nix
index 6a375a4..6726586 100644
--- a/pkgs/default.nix
+++ b/pkgs/default.nix
@@ -10,6 +10,7 @@ import nixpkgs {
         bar-now-playing = prev.callPackage ./bar-now-playing { };
         bar-loadavg = prev.callPackage ./bar-loadavg { };
         bar-vpn = prev.callPackage ./bar-vpn { };
+        decrypt-frieren = prev.callPackage ./decrypt-frieren { };
         decrypt-zen = prev.callPackage ./decrypt-zen { };
         devenv = devenv.packages.${system}.devenv;
         discord = prev.callPackage ./discord { inherit srcs; original = prev.discord; };
diff --git a/tailscale.policy.json b/tailscale.policy.json
index 7cb538e..29cabd5 100644
--- a/tailscale.policy.json
+++ b/tailscale.policy.json
@@ -1,7 +1,7 @@
 {
   "hosts": {
     "splendor": "100.109.183.108",
-    "zen": "100.71.28.44"
+    "frieren": "100.84.146.55"
   },
   "groups": {
     "group:admins": ["azuline@github"]
@@ -15,7 +15,7 @@
     {
       "action": "accept",
       "src": ["tag:ci"],
-      "dst": ["zen:4646"]
+      "dst": ["frieren:4646"]
     }
   ],
   "ssh": [