pruflas: connect hydra to proxy

Tim Schubert 2022-10-08 12:25:09 +02:00
parent 103d849791
commit a7a49bff68
Signed by: dadada
GPG key ID: EEB8D1CE62C4DFEA
4 changed files with 28 additions and 1 deletions


@ -7,6 +7,7 @@ with lib;
let
secretsPath = config.dadada.secrets.path;
wg0PrivKey = "${config.networking.hostName}-wg0-key";
wgHydraPrivKey = "${config.networking.hostName}-wg-hydra-key";
wg0PresharedKey = "${config.networking.hostName}-wg0-preshared-key";
in
{
@ -67,6 +68,8 @@ in
age.secrets.${wg0PrivKey}.file = "${secretsPath}/${wg0PrivKey}.age";
age.secrets.${wg0PresharedKey}.file = "${secretsPath}/${wg0PresharedKey}.age";
age.secrets.${wgHydraPrivKey}.file = "${secretsPath}/${wgHydraPrivKey}.age";
networking.wireguard = {
enable = true;
interfaces.uwupn = {
@ -83,6 +86,19 @@ in
}
];
};
interfaces.hydra = {
allowedIPsAsRoutes = true;
privateKeyFile = config.age.secrets.${wgHydraPrivKey}.path;
ips = [ "10.3.3.3/32" ];
peers = [
{
publicKey = "KzL+PKlv4LktIqqTqC9Esw8dkSZN2qSn/vq76UHbOlY=";
allowedIPs = [ "10.3.3.1/32" ];
endpoint = "hydra.dadada.li:51235";
persistentKeepalive = 25;
}
];
};
};
networking.useDHCP = false;
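Review bot: The new `hydra` peer (the entry with `endpoint = "hydra.dadada.li:51235"`) has no `presharedKeyFile`, although this file already declares `wg0PresharedKey` and an agenix secret for it, which suggests the existing interface uses one; its peer definition is outside the visible hunks, so this is inferred. If the tunnel should get the same extra symmetric layer, declare a second secret next to `wgHydraPrivKey` and set `presharedKeyFile = config.age.secrets.${wgHydraPresharedKey}.path;` in the peer, where `wgHydraPresharedKey` is a proposed name that this commit does not define. The same key would also have to be configured on the matching peer entry (`allowedIPs = [ "10.3.3.3/32" ]`) in the other changed file. Separately, `allowedIPsAsRoutes = true;` is, as far as I know, the NixOS default, so the line can be dropped or given a short comment saying it is deliberate.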


@ -110,7 +110,7 @@ in
peers = [
{
publicKey = "CTKwL6+SJIqKXr1DIHejMDgjoxlWPaT78Pz3+JqcNlw=";
publicKey = "MEFz5bbCtUX/v6pMwRf/H3q3Wo8dG1XwcKzJKXi4VGU=";
allowedIPs = [ "10.3.3.3/32" ];
persistentKeepalive = 25;
}