mirror of
https://github.com/dump-dvb/nix-config.git
synced 2024-06-28 09:42:26 +02:00
Grigory Shipunov
44e046a2aa
* sops: init * add my gpg keys * sops: add @revol-xut key * add gpg pub key * update gpg keys * .sops.yaml: add marenz * sops: add secrets for traffix-stop-box-3 and 4 * build sops-install-secrets on hydra * sops: add keys for traffic-stop-box-{3,4} Co-authored-by: revol-xut <revol-xut@protonmail.com> Co-authored-by: Markus Schmidl <markus.schmidl@mailbox.tu-dresden.de>
78 lines
2.2 KiB
Nix
78 lines
2.2 KiB
Nix
{ config, ... }:
|
|
|
|
{
|
|
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
|
|
|
|
networking.wg-quick.interfaces = {
|
|
wg-dvb = {
|
|
address = [ "10.13.37.1/32" ];
|
|
privateKeyFile = config.sops.secrets.wg-seckey.path;
|
|
listenPort = 51820;
|
|
peers = [
|
|
{
|
|
# Tassilo
|
|
publicKey = "vgo3le9xrFsIbbDZsAhQZpIlX+TuWjfEyUcwkoqUl2Y=";
|
|
allowedIPs = [ "10.13.37.2/32" ];
|
|
persistentKeepalive = 25;
|
|
}
|
|
{
|
|
# oxa
|
|
publicKey = "QbaQaGqudRXIh03IbBNATfBZfpMLmwihlwLs6W9+P1c=";
|
|
allowedIPs = [ "10.13.37.3/32" ];
|
|
persistentKeepalive = 25;
|
|
}
|
|
# data hoarder staging
|
|
{
|
|
publicKey = "48hc7DVnUh2DHYhrxrNtNzj05MRecJO52j2niPImvkU=";
|
|
allowedIPs = [ "10.13.37.5/32" ];
|
|
persistentKeepalive = 25;
|
|
}
|
|
{
|
|
# traffic-stop-box-0
|
|
publicKey = "qyStvzZdoqcjJJQckw4ZwvsQUa+8TBWtnsRxURqanno=";
|
|
allowedIPs = [ "10.13.37.100/32" ];
|
|
persistentKeepalive = 25;
|
|
}
|
|
{
|
|
# traffic-stop-box-1
|
|
publicKey = "dOPobdvfphx0EHmU7dd5ihslFzZi17XgRDQLMIUYa1w=";
|
|
allowedIPs = [ "10.13.37.101/32" ];
|
|
persistentKeepalive = 25;
|
|
}
|
|
{
|
|
# traffic-stop-box-2
|
|
publicKey = "4TUQCToGNhjsCgV9elYE/91Vd/RvMgvMXtF/1Dzlvxo=";
|
|
allowedIPs = [ "10.13.37.102/32" ];
|
|
persistentKeepalive = 25;
|
|
}
|
|
{
|
|
# traffic-stop-box-3
|
|
publicKey = "w3AT3EahW1sCK8ZsR7sDTcQj1McXYeWx7fnfQFA7i3o=";
|
|
allowedIPs = [ "10.13.37.103/32" ];
|
|
persistentKeepalive = 25;
|
|
}
|
|
{
|
|
# traffic-stop-box-4
|
|
publicKey = "B0wPH0jUxaatRncHMkgDEQ+DzvlbTBrVJY4etxqQgG8=";
|
|
allowedIPs = [ "10.13.37.104/32" ];
|
|
persistentKeepalive = 25;
|
|
}
|
|
{
|
|
# traffic-stop-box-5
|
|
publicKey = "bGMO3+BuMbNMnqgt+1lEKAwCVi3BrtpcZlVf9ULcmkw=";
|
|
allowedIPs = [ "10.13.37.105/32" ];
|
|
persistentKeepalive = 25;
|
|
}
|
|
# { # marenz
|
|
# { # marenz
|
|
# publicKey = "";
|
|
# allowedIPs = [ "10.13.37.4/32" ];
|
|
# persistentKeepalive = 25;
|
|
# }
|
|
];
|
|
};
|
|
};
|
|
}
|
|
|
|
|