Add Baptiste ; fix wireguard

This commit is contained in:
Alex 2022-11-22 12:09:28 +01:00
parent 945dd4fa9a
commit 6659deb544
Signed by untrusted user: lx
GPG key ID: 0E496D15096376BE
3 changed files with 11 additions and 5 deletions

View file

@ -62,7 +62,7 @@
publicKey = "bIjxey/VhBgVrLa0FxN/KISOt2XFmQeSh1MPivUq9gg=";
IP = "10.83.3.1";
lan_endpoint = "192.168.5.117:33799";
endpoint = "bespin.site.deuxfleurs.fr:33731";
endpoint = "109.136.55.235:33731";
}
{
hostname = "df-ymf";
@ -70,7 +70,7 @@
publicKey = "pUIKv8UBl586O7DBrHBsb9BgNU7WlYQ2r2RSNkD+JAQ=";
IP = "10.83.3.2";
lan_endpoint = "192.168.5.134:33799";
endpoint = "bespin.site.deuxfleurs.fr:33732";
endpoint = "109.136.55.235:33732";
}
{
hostname = "df-ymk";
@ -78,7 +78,7 @@
publicKey = "VBmpo15iIJP7250NAsF+ryhZc3j+8TZFnE1Djvn5TXI=";
IP = "10.83.3.3";
lan_endpoint = "192.168.5.116:33799";
endpoint = "bespin.site.deuxfleurs.fr:33733";
endpoint = "109.136.55.235:33733";
}
];
@ -110,6 +110,9 @@
trinity = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDWGWTRoF5MjQ5bmFdQENQlNdoYtA7Wd61GM0TMHZDki"
];
baptiste = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnGkJZZrHIUp9q0DXmVLLuhCIe7Vu1J3j6dJ1z1BglqX7yOLdFQ6LhHXx65aND/KCOM1815tJSnaAyKWEj9qJ31RVUoRl42yBn54DvQumamJUaXAHqJrXhjwxfUkF9B73ZSUzHGADlQnxcBkmrjC5FkrpC/s4xr0o7/GIBkBdtZhX9YpxBfpH6wEcCruTOlm92E3HvvjpBb/wHsoxL1f2czvWe69021gqWEYRFjqtBwP36NYZnGOJZ0RrlP3wUrGCSHxOKW+2Su+tM6g07KPJn5l1wNJiOcyBQ0/Sv7ptCJ9+rTQNeVBMoXshaucYP/bKJbqH7dONrYDgz59C4+Kax"
];
};
# For Garage external communication

View file

@ -64,6 +64,9 @@
kokakiwi = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFPTsEgcOtb2bij+Ih8eg8ZqO7d3IMiWykv6deMzlSSS kokakiwi@kira"
];
baptiste = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnGkJZZrHIUp9q0DXmVLLuhCIe7Vu1J3j6dJ1z1BglqX7yOLdFQ6LhHXx65aND/KCOM1815tJSnaAyKWEj9qJ31RVUoRl42yBn54DvQumamJUaXAHqJrXhjwxfUkF9B73ZSUzHGADlQnxcBkmrjC5FkrpC/s4xr0o7/GIBkBdtZhX9YpxBfpH6wEcCruTOlm92E3HvvjpBb/wHsoxL1f2czvWe69021gqWEYRFjqtBwP36NYZnGOJZ0RrlP3wUrGCSHxOKW+2Su+tM6g07KPJn5l1wNJiOcyBQ0/Sv7ptCJ9+rTQNeVBMoXshaucYP/bKJbqH7dONrYDgz59C4+Kax"
];
};
# For Garage ipv6 communication

View file

@ -210,8 +210,8 @@ in
services.resolved.enable = false;
# Configure Wireguard VPN between all nodes
networking.wireguard.interfaces.wg0 = {
ips = [ "${cfg.cluster_ip}/16" ];
networking.wg-quick.interfaces.wg0 = {
address = [ "${cfg.cluster_ip}/16" ];
listenPort = cfg.wireguard_port;
privateKeyFile = "/var/lib/deuxfleurs/wireguard-keys/private";
peers = map ({ publicKey, endpoint, IP, site_name, lan_endpoint, ... }: {