yggdrasil: properly add a static key
This commit is contained in:
parent
1f96222c4d
commit
6cc02abdb8
|
|
@ -81,11 +81,11 @@
|
|||
c3d2-gw2 = "2a00:8180:2c00:223::c3d2:3";
|
||||
c3d2-gw3 = "2a00:8180:2c00:223::c3d2:4";
|
||||
};
|
||||
hosts6.yggdrasil.c3d2-gw3 = "303:feb7:b244:77c3::1";
|
||||
hosts6.yggdrasil.c3d2-gw3 = "30c:c3d2:b946:76d0::1";
|
||||
subnets6 = {
|
||||
dn42 = "fd23:42:c3d2:523::/64";
|
||||
up4 = "2a00:8180:2c00:223::/64";
|
||||
yggdrasil = "303:feb7:b244:77c3::/64";
|
||||
yggdrasil = "30c:c3d2:b946:76d0::/64";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -1,58 +1,62 @@
|
|||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQEMA2PKcvDMvlKLAQf/Z5k1mYsMgxZQiA86eHoYBuMIK93QIQW8dH5eYk0P7Wj6
|
||||
RM0AZqvmkaD3iIeTtjURUaHL3RCoeaOdFfAaTb+kkL8sby0jtD+2SdyNGVgwxgXG
|
||||
MH1f3U0WpdmfCCtvnkNxjIx783BgBH0Eb84FO2BbGJZ9t8udDd1atmyqu25n7h6W
|
||||
0oVR3jV3+zxbZbfjPTvBIGMjdn5diIYK37qgrW9xOQcdM8CtnocXJifNxo++Ge86
|
||||
HM8TDWu2qN0FRAWib+O2KM/uKBErw3kr3LTdMIhReivirdGLSRWqsR0uCGuyjaCY
|
||||
3a0gI+ZBfauzTajIPmW+OGjMhjwwIXo3VW1OqceszdLrAeGluxzglWRHe0VCWga9
|
||||
K6bIoaJ+VoVVCKU0WvObSJXjRXcQ6u7jJBTdndyz/6qzPHLH+qSfJQHr6IDpVNEv
|
||||
mupghJnejgm4UYPtqy5bVsg5P7F2crvh/wRW9W0qAC2u6Ts47VY78xcBF5VO9t5T
|
||||
T/j5RQvCTz3msFcbPhXFBL+OpzYC0/AKnD8CyhCEx7QYROIT/OnHBwUbfBQpeYmg
|
||||
KB5+aAN3sTtbxI7BlUZoanVgeNjkj5JpvYtjj5Xe6biMNF5lJayYXtg7YKlkoJAP
|
||||
VAE0Uso/mFw3UFBL6TYkSx7aOHyaOkgkw530uK1sGoatOgPyy5ZxSTxdE+Rorggi
|
||||
l5qevJUfOO4aV7A1cedmw8GqooxjSRrnfrQOMpTAEklUgJqk2GT7N5aNMHvKyxu7
|
||||
ey1P6LGHs3U1B9l8pZfpiz5amR3xI6XhJ3WN+G+rqA6hcE1QbtAg2eGu8XTqkty8
|
||||
do/TT5qtHpTCLVlUByIoNmM2DkZulXFkwFqgEqKTI8zyuPMuO7994vzqBQV7s4ea
|
||||
NrYvBqvhGQVsBox/OAp8v2Kqtqb/rVpJqjOffj8W3EYgLF/I23Z7ycXS0Gnz2lSE
|
||||
9lWWCC9TBO7X70GRx1QxU8WctXxuOhRUzWSeUJHAhnGFfQ2hLLY0ZM1QhYXAhKpo
|
||||
6DN3i9+8zSr+sOoXrFWc/vf0CkkK3HB7J8dNHjrfhkST9wbEXjfKYhCMT73tMT8r
|
||||
7pF7NHLnw2+iM2M1muez6PB9TBaHmeI5X8hm+LJf7L9dQf1DOI9c8UVlGm0Qcz6z
|
||||
TtNlAkClXOeGeSABC2K+Kkt0uDuOJhRmKdNErLN5rAxirzRo4TMVSmQ8oRdrh8ZV
|
||||
AeZstpmt7glsccyXGi51AH9YYl6orTR9rSjxJPHff5QxpXpUBfQPta0nAJNUtyXf
|
||||
bfDqY75Z79Q6ROEQpvMbZWFOGHvCqjKTMeUSL9tos4kX7hDYz9QV/xYjGgUJIpXy
|
||||
SgsTCgiCTJbXr9rRsIFnEXa4xrxFcO1YAhLsAkE+VsR5bKZT9l6IQlWHIbPoudWU
|
||||
acb5Fa6Aft+EmPD0vlnMIPEuenDg1HJU/Ehx54GDUkJIiK505GNSatraWgt5gUuR
|
||||
PIJtDgaHyaAEAVWJQtb4GPlM0jmTl2jFpmCruZ98UnPZdTrgiPRGv6JVGj3ysZsj
|
||||
ivssxMfXii3CzxxTFI0ZJ38VV9O3vF6ygysFrw/wYlGrPes1NoX8x73zVKQpV6E7
|
||||
Ip/gh0rgofgUmdJP6CT0fz7aEyVUarhWj9Vv5dRHnTvh817DEPhOylRTR8K0gtJV
|
||||
oEZ0H9bsG0WeSA2VMFyocSC5HkTGCnjUJzbQkUDnzswQ2S36SrArp0Wo+p65Iy6Q
|
||||
VHCVZD49HazQG3uuhsHgBY2VMvuS3XaZHWbHviceU4HzvSRykq5j0BIM+bCpFB8X
|
||||
YMhIjMBy8Z4B+UuiBEAz7zjduXwkZ2liSL0ZgXdtNmSY5CVtP2c3piY1J0ZFgYIR
|
||||
kQUI1rByBeDNP1Ic3aPwq1/mMsFfLRle9goZ/swCGu+/7smYQ3CDfJeavjJcPIVf
|
||||
YJoP0PYZbqv2/C+Yve9KKsgYQSAfj3XordOpz/kB0hLtrMER07LTEhcGdeCbzGWc
|
||||
Tx2fQXYHMpR+2dtgaiCQSsPIshlfcJkZY5F+Vt8LFhYKwFgXLUR/EJplgoFmcOSc
|
||||
Ckfjmk2Mvgo/BffrcaoeyQGcVY5t96+pDPnRCZpNgfCHhcqkYVhZeATBLm85Tywt
|
||||
6FMnxbNCjl4LsvR9zP5RvO4LbRLY+d8QxloVlS8CkX6MbSHLr3varL6M0ldGSJ1G
|
||||
rqXYwhf0PDBVGUJKdZMLfvE7kqf9CaxHM5wR9V6lld2U5PEKKulS/6rCi2FewVhW
|
||||
nydfZiUhopQhSDjjY5/xZQ33hkoZwkMaQFgLQgp1bEJLwC/c1pNrkw3uTBY5Z0VG
|
||||
vKwgiQ+i4VuF1OHZkv17VUBoyhFnC0/Q4PmeXQ8EV9FJ1uDmSEK25j9gqJLEm65z
|
||||
saePYZRvHlPd4VoMs6IEy6g/4SidFd5078tm2smG3aeaup97u+Ss2ndh54l1O96i
|
||||
Zx3HfSjDvQ2XMSHkB2+ucu3dv9krchvJyV3zAxLPvZZvtpGQv/C5wY3h+tzR9dAR
|
||||
U4794sqwm/slPyzSc2CKfe2r7KEWKQiONFJqoLdnPJ36BKM2uzpBhCdxD++wvpFL
|
||||
+qVWToMy32CyZMn9VP5X4zSyHEM2b1IZdyPnwqwZD8gqYid78MOkbr22hBnsLePW
|
||||
nizQL7/k6V1pp1cPcSwrbss1r27thclXh4RtkJxFdJj3WUyh0XP5y3YBhiXmBG/+
|
||||
P/TnvIC4L7JzBjZEAe33qIq9C1L8vxAPGCc4t/PifgP/pZkmmYt/3wPQ1gW+jjwx
|
||||
eCuVq1L35q13FUj4XDHmJo64OyA1JalSN+FsogfyAzPSeKKNzkbTdH7F9+hLco3O
|
||||
wfbrX0u9dmxn9LtEUlndBV4JkycjJtg+IhEcLcuhhyQMY4Z+znyO/Tq44ZBFNl7h
|
||||
TZmtUtbvE/Sw8eWZUEytGE3J4OeCMOuNNRJT161IYBkUjmUxYqeYXumQIkiFmgcU
|
||||
dnCvbkcNgDdJiI1/qlV0hEmvILlOV2Le84O1dybTTzhn4AjFJuMPGa1+VwlsprDe
|
||||
H6B/BQcq52/AlB6Px+blI3Zam8Xs1799PpHJ1SxZMp7blINp9myc+6sHp51mzfI2
|
||||
wENoS2Ri+SLxp3t0F15Us7DATaPDau/QLYRxDJIIr7IyoagjOFD1lBM2v2GJZW73
|
||||
nevLGnxmYi+bW7yw5FYVgDsR75szHMD3eJyCaRuoHY2th44XbwZGNP57Kb3v7URi
|
||||
CLFEiFgug4CJCLX3YZDPYm6ZXCNcGayNIFZRDUoCo4fdBkXWoFkPI+XfTtDIbzYt
|
||||
3P2UlMT7ucA9NM/1tl6uAFXlVT0ou1sNbs6pp534VlXmrkVoBivmqacL8004PU3Z
|
||||
e2VEnTWA4fSiHyGu024Y6CbxDWOsT/RqdqdilHsi1i79/5xpaPNQlmmhKC9XiHnt
|
||||
C6FTA+tGzLKoDc+mtrlz1UDRyuGDeNcldgDD2HURarFWZHOHoR4LPfulryw8ZQRu
|
||||
=pc7u
|
||||
hQEMA2PKcvDMvlKLAQf/VrM3oRXn8dHbFyxWAps/OAhk83HD4RCIlSQUcEHYHi9i
|
||||
hMr44NqNVms4/E02bWMKlkUZmeEaVo92QmTUYyDF8hZUgZ59Kh0gQoXbSukA+8Kn
|
||||
lJ0HWg3HuAr/XqCDm3AWBzHAhuL8rYg8tKxwbvKNjk5uKd3VhpyEHYapBKmPgP5D
|
||||
yeP+OoMwHxm9ltCrNKehWJavGpI0NolcLqoaOVrltwwlLCC6cWxH0SWnM1NUigJ5
|
||||
3FfakgI2uD4wsfUB2DsIfP5rraCmC/K7PFSRxJ8z4LRDAG1WNxK7CA9oYFSqEIo7
|
||||
axMDZvRfFViqs1grXruTQzI2GAodvMt4Sqw9TXGi4tLrAU8a+GvXDcoIYHe2MmUP
|
||||
dxN/tq8nJUE+PEq6RtdIcuOv1yhkgXHAfzcf7gWIugREglGywfX0Ops9+Mp8UQnz
|
||||
kRbPI4m7zkzIozsq0Q7CSrKVAwT/CC+gpMFtOx+uZOPC02p4za6yL5GMgPBKHmr8
|
||||
qbMujryv30Ua48SeVRhgI+ScnUxXBau6VGWOPX4U7v6Y5jtJkea9lFHurNpByAaf
|
||||
4y12GFlePqbcVrGdcfCL15fDkhfi5ba1nlpi+dILJYegttis5iNMyueKb2jDzFjk
|
||||
vpY9PG0Npxa9YCq1IPawTEwU4/sFh00psM9jdXBNne33FNyYcpy+gF0+fCU6Y0o6
|
||||
qXB2V1iSaVLxW1te5UQV2rn0QAKwpbE+c7IL2oEizktBzNEDB94ls0hdzo8j1Umd
|
||||
wCk6x7UGU0iJCZtg/a6THmDEoa7ib7U4qeBB8XoJYW6VA113ROc+VFbdl1aDyA3o
|
||||
jCB5zQR0/RI+xrvc9Vn57bmlrOsTVkG0kf17a3MWVfYobpHCg2OBTLlaGEfvdcZ1
|
||||
EwMGTJhnakJIkbKJdO1b2ljp6NaJMxJdQLVHjyFB6JjDRosZPeW4qO5jRgShMaVL
|
||||
4ZZb3XORms679ItX19DanCEP2ouo8MP9Fbt3y6C/s0YqOOAOOa5o4Wb04098Upod
|
||||
7TH70faAtzgcx9nZ4aoPsXWgbvoEGWyJZvoRxF/6X887z+cLYtY+6K709TSsYc+F
|
||||
3TGt8gpt+kzfwuGv9QUQ/tDAdvR3LPQ4zKJ4COJ89ybuop4+GlrQC2v/FvE58LJ+
|
||||
q1yS/kim+/FsvmwAM+7vYj/wn6hXAWn2rleWTcFgmu4MwIyxfwjUcTXRrUptvnRS
|
||||
juY71sqQMe/44QB2KZNDvNX6efj2ay0Uvx6MXBN2Wfkn0lFrlspcgP1eDdQZDgDU
|
||||
HyemCXAYmylUYXVNgwENksKpaV5vbSZSuN0QHzzcpNR/ur3Jne9uPe2AqzXanep9
|
||||
ozQoz7YCOlXxqqWzI2dV0JqszoLQA0OarFlGAmR1eA2tfxnUayMjHl85LEk2PGI6
|
||||
IMyKIyB28tkue1ualu/deq+3CHBdJmWLUeC7DSSUH8NLzChcnJDZA+Vyiic4Ovdr
|
||||
N+hTeUQM6BHIGNtgX7LtH+2phdA4Mc9Vl2b7AtDghZmz5IcBA90G8PVkhSBY0I/j
|
||||
ssphtIroQwfC9Z8vQmmQkwAv/VgHIstp8UM51K1c24ckCFduu2Vo6SOaDUwV2efF
|
||||
x/F4RPHr/A2TzdAZj3cIe5S4Gkc9D/5p8PJ2w2MuP+fKWTE9Z3IM7BlbO6VlLbxq
|
||||
VZTIzjtivJKaD7B0hpyWcjqI6GU3o3FvMyOLCFTJvrXpWfCAErsHf1I8vtPI2T7I
|
||||
eBYl85LNOiqPTDkjqQHFe/BahPzNS8c1tdfdCmY1ILRdYCN2DM9RVZmbyypyt49z
|
||||
K3IHMi3G4RizGXQ+tdfmsqO/n7TInY9p3td2RcYcUT1AfQOkiMV9jBrBuylPcsvh
|
||||
q7AlmlIEPikhlXCxFIkt/zQPy6qyka2GS1n5yl0MyqE40e5pSZkkvBN1dt6+Kvxw
|
||||
EIUyxRPlFjoQXtDgtAA8vEgl5feNkD1QviM+72dvPOo4lszHLHxdI87hqYCysRCA
|
||||
XGaCa/qExxuG0Hl+6X7iI9adGlFz9iiQrVYjZoGOXC2z7Vkd8Dr4LY2xSyVHZDaQ
|
||||
W4h7PJ5OPGKhwUY9V8ZDgSdiwLa0Bgoc+fSf/mDZhzOjV34tDh8G4gU3GaZGjG4Z
|
||||
8J2Hj1H4At4McETx+Tg5aqJfFM71EG8no5PNBaKXQ5lInMR5dFh+OUVizGmLDQmi
|
||||
a2aK6SzvwEegijKQWMyHTvPEzJAg/mghM2s1EN4kg12VvO9LEMC7F65YWkpGktg3
|
||||
Zch0J4b5z+QMMDOC/gAkYfalRvraV6rDRzhbrLsQe870zqvdyArurHbmpBpvE1Sv
|
||||
sDgcYKWwZ4w8gcxaju4qk9NNkFkPaZP/Cz346HWUDWPr8SbZGZ3O7WNm0JvFy9oS
|
||||
HwOm32yc8RT2dfzRIj4faGMrGUsXG5dULoyrYfatxDM3ohMt8BvvqJ8i2EVHpZI2
|
||||
ZElpBo7qM08+9VpwBpBseBxjE3uAkqBAaBBwRfecJvQuFjgQowk8uOmhGvvPQ+v3
|
||||
lcTIErizNHDyKhbwMvzURNELa6TqThaeHQi3X9djiSvl+uUgu1nGnCZwK/ApYa0a
|
||||
Z0BvM7sap63DTdete3iWo/OKKTL+yU6QpmV69wUNmVn867E+naX7GeqgMS2PcwdI
|
||||
kFmWFzKf4m4BpodfJ8II0M3tE3nWYwGRKy72DjrP1TittRyhTIRMKh0N4jnYlh+g
|
||||
TeTodvcZL5xL2lwLvxBbULtz0wRVcloB1BPla2LiBlclpdKvKmgRk36gvq3E5N6/
|
||||
CJ+BQ94QjLa1EcEBjYtK557nyFW2s3Km8tD1+FAO+uj2X9BLq9Qyax/FMteiSwF5
|
||||
rPEfy9OhZH2v2jkYCfc9scFA69PkskfJQ6ZfnJT4mYMmn1UEN3L+Q2b66hdaeIbo
|
||||
SmH7Es9xofBN+2MYOYPTg5ptyYUAlLVdnJrgAnKIylPr3iedBLJ2mYK6aDoj3PWT
|
||||
7klVaCJfxNxb7siiwKJjTvs7Y/7eI1mN5dsPW0OWCWONzR+XGu4wwT+CcZURB086
|
||||
yD4DyFOpZb42RN8NBTwyiKOYVsd/7jUKXat0HQswRy7hDW3qs5aIkLJCaX1vd9an
|
||||
56b1Fwu9FMhIzEdLPPrJQMLA3xYDh4NiOwO0oy370Pdoy1aPa6lMA7QrQrZXfpsz
|
||||
eFpgRSEkzJFlDRTSYsdczx3Kdpe8L9Ha3KJ3m261mQIUucnIFQlES1tfv2au87x6
|
||||
48dZRT8EyAoTQiCH8e7sRpZUYllgM71peyQNWSnqoNERp9PL3eRTWzfa9xn9IglD
|
||||
CyuSAuRgivvSanVqNOX3xFQ1doAT4mfJ2HyA1IZOPXOxSGiueyAAOeUbQOsl7xHv
|
||||
7L7UdvHpVta2Rn1I8kuPrvAGiFkM5ROyMF6bBqkwu+cZ+oNdP8xwZ6ovxOBNeAwV
|
||||
Fx/ZEJZpnU2BAjkZrHA/OLJ7sgFo+Pqo0BpnDaZVO0xtVLYHUMBTqt4uGaHJ/qIJ
|
||||
3KPJDjHq1CRyLFwQ+HKT3QYu9IsvJ33PQGwFcqP8pyuhXX0z3QaLUs9tZ93jW4d3
|
||||
70XDQ0udMjazKHQnpLpqleVqvG6vDI5KcXRn8GzMyDHsSObak+pKNIm01TjYmDEj
|
||||
cDk7a+5d5DNA4ELExj0Py/C3D8JtcQzycnZv6EwGsyLsDTtQhSkGHcvfK6u0SfvD
|
||||
aWg=
|
||||
=2R32
|
||||
-----END PGP MESSAGE-----
|
||||
|
|
|
|||
|
|
@ -77,6 +77,13 @@
|
|||
publicKey = "encrypted";
|
||||
};
|
||||
|
||||
yggdrasil.services.yggdrasil.keys = ''
|
||||
{
|
||||
"PublicKey": "0000000000000000000000000000000000000000000000000000000000000000",
|
||||
"PrivateKey": "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
|
||||
}
|
||||
'';
|
||||
|
||||
ap1.wifi."platform/qca953x_wmac".ssids."uebergangsnetz".psk = "encrypted";
|
||||
ap10.wifi."platform/qca953x_wmac".ssids = {
|
||||
"Ebs 2000".psk = "encrypted";
|
||||
|
|
|
|||
|
|
@ -401,9 +401,15 @@ let
|
|||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
services.yggdrasil.enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
services.yggdrasil = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
keys = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
};
|
||||
};
|
||||
links = mkOption {
|
||||
description = "Which port is connected to what other device? Keys are either network names or known hostnames.";
|
||||
|
|
|
|||
|
|
@ -1,6 +1,9 @@
|
|||
{ pkgs, lib, config, hostName, ... }:
|
||||
|
||||
lib.mkIf config.site.hosts.${hostName}.services.yggdrasil.enable {
|
||||
let
|
||||
hostConf = config.site.hosts.${hostName};
|
||||
cfg = hostConf.services.yggdrasil;
|
||||
in lib.mkIf cfg.enable {
|
||||
networking.firewall.enable = false;
|
||||
|
||||
boot.postBootCommands = ''
|
||||
|
|
@ -20,6 +23,11 @@ lib.mkIf config.site.hosts.${hostName}.services.yggdrasil.enable {
|
|||
'';
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /var/lib/yggdrasil 0700 root root -"
|
||||
"L+ /var/lib/yggdrasil/keys.json - - - - ${builtins.toFile "keys.json" cfg.keys}"
|
||||
];
|
||||
|
||||
services.yggdrasil = {
|
||||
enable = true;
|
||||
persistentKeys = true;
|
||||
|
|
@ -44,5 +52,4 @@ lib.mkIf config.site.hosts.${hostName}.services.yggdrasil.enable {
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue