network: init ese wireguard
This commit is contained in:
parent
e80eb649ca
commit
0d9bd777c8
|
@ -1,5 +1,6 @@
|
|||
{ config, lib, ... }:
|
||||
{
|
||||
sops.secrets."wg-ese" = { };
|
||||
networking = {
|
||||
# portunus module does weird things to this, so we force it to some sane values
|
||||
hosts = {
|
||||
|
@ -44,4 +45,35 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
netdevs."30-wireguard-ese" = {
|
||||
netdevConfig = {
|
||||
Kind = "wireguard";
|
||||
Name = "wg0";
|
||||
};
|
||||
wireguardConfig = {
|
||||
PrivateKeyFile = config.sops.secrets."wg-ese".path;
|
||||
ListenPort = 10000;
|
||||
RouteTable = "main";
|
||||
RouteMetric = 30;
|
||||
};
|
||||
wireguardPeers = [
|
||||
{
|
||||
PublicKey = "";
|
||||
AllowedIPs = "0.0.0.0/0";
|
||||
}
|
||||
];
|
||||
};
|
||||
networks."30-wireguard-ese" = {
|
||||
matchConfig.Name = "wg0";
|
||||
addresses = [
|
||||
{
|
||||
Address = "10.20.24.1/24";
|
||||
# AddPrefixRoute = false;
|
||||
}
|
||||
];
|
||||
# networkConfig = {
|
||||
# DNSSEC = false;
|
||||
# BindCarrier = [ "ens3" ];
|
||||
# };
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
wg-ese: ENC[AES256_GCM,data:vfjDwFCgK2o4NFQtERoKnSksU54UD6igMvF0BWamLyTiO6X3rP4yXl+XCno=,iv:NuDyHsQp82MSn+S/8wV9Vj/OuAfsJeNDPBRGzmQwIbs=,tag:ErGaJ1uxw5Ft3UZ12UIiFA==,type:str]
|
||||
nextcloud_adminpass: ENC[AES256_GCM,data:v6FYsO/RklPSz5uf6aYQDhdudHb0962I1WxJM3VGc0af6s/fEz2j+UTu,iv:WzS+jU7qmNQbd1RWDempdu4nv0ytWeybF/PKoc4mvTc=,tag:1CF3ZnQNDLv11j7UoyYsjg==,type:str]
|
||||
hedgedoc_session_secret: ENC[AES256_GCM,data:WO3j/Sp0LHyNC51jdzChKB46KLU7l57TBVNL3v92sjs=,iv:HVizKMCd+d9cTQEzRncRpv9scldg5Nn2fBRz0D58OOg=,tag:8HZttVgZs4Ah8JWTDaTySA==,type:str]
|
||||
nix-serve:
|
||||
|
@ -51,8 +52,8 @@ sops:
|
|||
c2lzVGV6WnVQT1pOTTVwRUxlMWZobWsK0CrDl2ELoYOTrMt3uN3mgBSyaYqOQY4I
|
||||
vBK12PV9FR9GFpKN4kGB03PZ0gV0N1zlcCHpnPCUuHwbCvvF2+vCag==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-09-26T18:10:46Z"
|
||||
mac: ENC[AES256_GCM,data:D2qTNh+PfSu3ZjoIv/8qS+S6+Rjqa9Xpwdm+Fj90ibimU3YW5FfrBrNb2psF1nterLUtSdCWPt02m4UFwsH4geizsrVTuv9mWtrCC2DhC8kzV+tFG4OvBCCIM/F7NWM6BElm+etKtvWULRxpoqu4TTk3mQzSQ49SxlaA/NbeVr8=,iv:p0HLBsU0cR2Yt9dF4R3lAIcenScHn47IN4zy/J51i6A=,tag:zuP6Zp8Q89spkvcNQ8kkrQ==,type:str]
|
||||
lastmodified: "2024-10-04T13:36:52Z"
|
||||
mac: ENC[AES256_GCM,data:uSpu82wJBDzFLyrX1An1OObnX2Rif38/Y/gEOOf3mWP3e6G98ldZatBWuUAiN6oCD9SFM95YnTf5gusypnURWaRC33rHaRKU92HDdbCoTt/8BColiu+2NBLfX3eTi20PsNEE1Bcq6QN83aul3nMT4/ahYeghE1LAH82a4bhshP0=,iv:N6ACDgKelZYrGAZefC+WyQVsanhecwIp74DtWiHlmBg=,tag:e0NUzEAh1FvlcNVmImm9/w==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-02-29T15:23:23Z"
|
||||
enc: |-
|
||||
|
|
Loading…
Reference in a new issue