tixie/nixcfg
1
0
Fork 0
forked from Deuxfleurs/nixcfg
Code Pull requests Activity

Add Baptiste ; fix wireguard

Browse source
This commit is contained in:
Alex 2022-11-22 12:09:28 +01:00
parent 945dd4fa9a
commit 6659deb544
Signed by untrusted user: lx
GPG key ID: 0E496D15096376BE
3 changed files with 11 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
cluster/prod/cluster.nix
View file

@ -62,7 +62,7 @@
publicKey = "bIjxey/VhBgVrLa0FxN/KISOt2XFmQeSh1MPivUq9gg="; publicKey = "bIjxey/VhBgVrLa0FxN/KISOt2XFmQeSh1MPivUq9gg=";
IP = "10.83.3.1"; IP = "10.83.3.1";
lan_endpoint = "192.168.5.117:33799"; lan_endpoint = "192.168.5.117:33799";
endpoint = "bespin.site.deuxfleurs.fr:33731"; endpoint = "109.136.55.235:33731";
} }
{ {
hostname = "df-ymf"; hostname = "df-ymf";
@ -70,7 +70,7 @@
publicKey = "pUIKv8UBl586O7DBrHBsb9BgNU7WlYQ2r2RSNkD+JAQ="; publicKey = "pUIKv8UBl586O7DBrHBsb9BgNU7WlYQ2r2RSNkD+JAQ=";
IP = "10.83.3.2"; IP = "10.83.3.2";
lan_endpoint = "192.168.5.134:33799"; lan_endpoint = "192.168.5.134:33799";
endpoint = "bespin.site.deuxfleurs.fr:33732"; endpoint = "109.136.55.235:33732";
} }
{ {
hostname = "df-ymk"; hostname = "df-ymk";
@ -78,7 +78,7 @@
publicKey = "VBmpo15iIJP7250NAsF+ryhZc3j+8TZFnE1Djvn5TXI="; publicKey = "VBmpo15iIJP7250NAsF+ryhZc3j+8TZFnE1Djvn5TXI=";
IP = "10.83.3.3"; IP = "10.83.3.3";
lan_endpoint = "192.168.5.116:33799"; lan_endpoint = "192.168.5.116:33799";
endpoint = "bespin.site.deuxfleurs.fr:33733"; endpoint = "109.136.55.235:33733";
} }
]; ];
@ -110,6 +110,9 @@
trinity = [ trinity = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDWGWTRoF5MjQ5bmFdQENQlNdoYtA7Wd61GM0TMHZDki" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDWGWTRoF5MjQ5bmFdQENQlNdoYtA7Wd61GM0TMHZDki"
]; ];
baptiste = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnGkJZZrHIUp9q0DXmVLLuhCIe7Vu1J3j6dJ1z1BglqX7yOLdFQ6LhHXx65aND/KCOM1815tJSnaAyKWEj9qJ31RVUoRl42yBn54DvQumamJUaXAHqJrXhjwxfUkF9B73ZSUzHGADlQnxcBkmrjC5FkrpC/s4xr0o7/GIBkBdtZhX9YpxBfpH6wEcCruTOlm92E3HvvjpBb/wHsoxL1f2czvWe69021gqWEYRFjqtBwP36NYZnGOJZ0RrlP3wUrGCSHxOKW+2Su+tM6g07KPJn5l1wNJiOcyBQ0/Sv7ptCJ9+rTQNeVBMoXshaucYP/bKJbqH7dONrYDgz59C4+Kax"
];
}; };
# For Garage external communication # For Garage external communication

3
cluster/staging/cluster.nix
View file

@ -64,6 +64,9 @@
kokakiwi = [ kokakiwi = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFPTsEgcOtb2bij+Ih8eg8ZqO7d3IMiWykv6deMzlSSS kokakiwi@kira" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFPTsEgcOtb2bij+Ih8eg8ZqO7d3IMiWykv6deMzlSSS kokakiwi@kira"
]; ];
baptiste = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnGkJZZrHIUp9q0DXmVLLuhCIe7Vu1J3j6dJ1z1BglqX7yOLdFQ6LhHXx65aND/KCOM1815tJSnaAyKWEj9qJ31RVUoRl42yBn54DvQumamJUaXAHqJrXhjwxfUkF9B73ZSUzHGADlQnxcBkmrjC5FkrpC/s4xr0o7/GIBkBdtZhX9YpxBfpH6wEcCruTOlm92E3HvvjpBb/wHsoxL1f2czvWe69021gqWEYRFjqtBwP36NYZnGOJZ0RrlP3wUrGCSHxOKW+2Su+tM6g07KPJn5l1wNJiOcyBQ0/Sv7ptCJ9+rTQNeVBMoXshaucYP/bKJbqH7dONrYDgz59C4+Kax"
];
}; };
# For Garage ipv6 communication # For Garage ipv6 communication

4
nix/deuxfleurs.nix
View file

@ -210,8 +210,8 @@ in
services.resolved.enable = false; services.resolved.enable = false;
# Configure Wireguard VPN between all nodes # Configure Wireguard VPN between all nodes
networking.wireguard.interfaces.wg0 = { networking.wg-quick.interfaces.wg0 = {
ips = [ "${cfg.cluster_ip}/16" ]; address = [ "${cfg.cluster_ip}/16" ];
listenPort = cfg.wireguard_port; listenPort = cfg.wireguard_port;
privateKeyFile = "/var/lib/deuxfleurs/wireguard-keys/private"; privateKeyFile = "/var/lib/deuxfleurs/wireguard-keys/private";
peers = map ({ publicKey, endpoint, IP, site_name, lan_endpoint, ... }: { peers = map ({ publicKey, endpoint, IP, site_name, lan_endpoint, ... }: {