Add Baptiste ; fix wireguard

2022-11-22 12:09:28 +01:00 · 2022-11-22 12:09:28 +01:00 · 6659deb544
commit 6659deb544
parent 945dd4fa9a
3 changed files with 11 additions and 5 deletions
--- a/cluster/prod/cluster.nix
+++ b/cluster/prod/cluster.nix
@ -62,7 +62,7 @@
      publicKey = "bIjxey/VhBgVrLa0FxN/KISOt2XFmQeSh1MPivUq9gg=";
      IP = "10.83.3.1";
      lan_endpoint = "192.168.5.117:33799";
-      endpoint = "bespin.site.deuxfleurs.fr:33731";
+      endpoint = "109.136.55.235:33731";
    }
    {
      hostname = "df-ymf";
@ -70,7 +70,7 @@
      publicKey = "pUIKv8UBl586O7DBrHBsb9BgNU7WlYQ2r2RSNkD+JAQ=";
      IP = "10.83.3.2";
      lan_endpoint = "192.168.5.134:33799";
-      endpoint = "bespin.site.deuxfleurs.fr:33732";
+      endpoint = "109.136.55.235:33732";
    }
    {
      hostname = "df-ymk";
@ -78,7 +78,7 @@
      publicKey = "VBmpo15iIJP7250NAsF+ryhZc3j+8TZFnE1Djvn5TXI=";
      IP = "10.83.3.3";
      lan_endpoint = "192.168.5.116:33799";
-      endpoint = "bespin.site.deuxfleurs.fr:33733";
+      endpoint = "109.136.55.235:33733";
    }
  ];

@ -110,6 +110,9 @@
    trinity = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDWGWTRoF5MjQ5bmFdQENQlNdoYtA7Wd61GM0TMHZDki"
    ];
+    baptiste = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnGkJZZrHIUp9q0DXmVLLuhCIe7Vu1J3j6dJ1z1BglqX7yOLdFQ6LhHXx65aND/KCOM1815tJSnaAyKWEj9qJ31RVUoRl42yBn54DvQumamJUaXAHqJrXhjwxfUkF9B73ZSUzHGADlQnxcBkmrjC5FkrpC/s4xr0o7/GIBkBdtZhX9YpxBfpH6wEcCruTOlm92E3HvvjpBb/wHsoxL1f2czvWe69021gqWEYRFjqtBwP36NYZnGOJZ0RrlP3wUrGCSHxOKW+2Su+tM6g07KPJn5l1wNJiOcyBQ0/Sv7ptCJ9+rTQNeVBMoXshaucYP/bKJbqH7dONrYDgz59C4+Kax"
+    ];
  };

  # For Garage external communication
--- a/cluster/staging/cluster.nix
+++ b/cluster/staging/cluster.nix
@ -64,6 +64,9 @@
    kokakiwi = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFPTsEgcOtb2bij+Ih8eg8ZqO7d3IMiWykv6deMzlSSS kokakiwi@kira"
    ];
+    baptiste = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnGkJZZrHIUp9q0DXmVLLuhCIe7Vu1J3j6dJ1z1BglqX7yOLdFQ6LhHXx65aND/KCOM1815tJSnaAyKWEj9qJ31RVUoRl42yBn54DvQumamJUaXAHqJrXhjwxfUkF9B73ZSUzHGADlQnxcBkmrjC5FkrpC/s4xr0o7/GIBkBdtZhX9YpxBfpH6wEcCruTOlm92E3HvvjpBb/wHsoxL1f2czvWe69021gqWEYRFjqtBwP36NYZnGOJZ0RrlP3wUrGCSHxOKW+2Su+tM6g07KPJn5l1wNJiOcyBQ0/Sv7ptCJ9+rTQNeVBMoXshaucYP/bKJbqH7dONrYDgz59C4+Kax"
+    ];
  };

  # For Garage ipv6 communication
--- a/nix/deuxfleurs.nix
+++ b/nix/deuxfleurs.nix
@ -210,8 +210,8 @@ in
    services.resolved.enable = false;

    # Configure Wireguard VPN between all nodes
-    networking.wireguard.interfaces.wg0 = {
-      ips = [ "${cfg.cluster_ip}/16" ];
+    networking.wg-quick.interfaces.wg0 = {
+      address = [ "${cfg.cluster_ip}/16" ];
      listenPort = cfg.wireguard_port;
      privateKeyFile = "/var/lib/deuxfleurs/wireguard-keys/private";
      peers = map ({ publicKey, endpoint, IP, site_name, lan_endpoint, ... }: {