agenix: migrate falkenstein

Rouven Seifert 2023-11-16 15:08:13 +01:00
parent 3c5095f144
commit dcaa017e5d
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
13 changed files with 48 additions and 63 deletions


@ -1,12 +1,15 @@
{ config, lib, ... }:
{
sops.secrets = {
age.secrets = {
"wireguard/dorm/private" = {
file = ../../../../secrets/falkenstein/wireguard/dorm/private.age;
owner = config.users.users.systemd-network.name;
};
"wireguard/dorm/preshared" = {
file = ../../../../secrets/falkenstein/wireguard/dorm/preshared.age;
owner = config.users.users.systemd-network.name;
};
};
networking = {
hostName = "falkenstein-1";
@ -46,14 +49,14 @@
Name = "wg0";
};
wireguardConfig = {
PrivateKeyFile = config.sops.secrets."wireguard/dorm/private".path;
PrivateKeyFile = config.age.secrets."wireguard/dorm/private".path;
ListenPort = 51820;
};
wireguardPeers = [
{
wireguardPeerConfig = {
PublicKey = "Z5lwwHTCDr6OF4lfaCdSHNveunOn4RzuOQeyB+El9mQ=";
PresharedKeyFile = config.sops.secrets."wireguard/dorm/preshared".path;
PresharedKeyFile = config.age.secrets."wireguard/dorm/preshared".path;
Endpoint = "dorm.vpn.rfive.de:51820";
AllowedIPs = "192.168.42.0/24, 192.168.43.0/24";
};
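Review bot: The two `age.secrets` entries in the first hunk override `owner` without saying why, and the reason is security-relevant. Agenix's defaults are owner root with mode 0400, so the key files are only readable by networkd because of this override. I would add a comment above the attribute set such as `# networkd reads these key files as systemd-network; keep mode at the agenix default (0400)` so a later cleanup does not drop the owner or widen the mode. The recipient list for the two `.age` files is not visible in this section; it is worth confirming that this host's key is a recipient for both, since a missing recipient would presumably show up only at activation time as an unreadable `PrivateKeyFile`/`PresharedKeyFile`. The `wireguardPeerConfig` block continues past the end of the second hunk.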