min
/
infra
1
0
Fork 0
Code Issues 15 Pull Requests Packages Projects Releases Wiki Activity

Add peers

This commit is contained in:
minish 2025-06-05 13:45:51 -04:00
parent 1e5e3256e1
commit 9e7855ceb4
Signed by: min
SSH Key Fingerprint: SHA256:UD/wIBTyCGmuqRq6a1PsiwTehUPikHbuClpnk0U1mdo
2 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
nixos/hosts/silver/services/wireguard.nix
View File

@ -10,6 +10,7 @@ in {
sops.secrets."svc-wireguard-psk-0-2" = {};
sops.secrets."svc-wireguard-psk-1-1" = {};
sops.secrets."svc-wireguard-psk-1-2" = {};
sops.secrets."svc-wireguard-psk-1-3" = {};
sops.secrets."svc-wireguard-psk-2-1" = {};
sops.secrets."svc-wireguard-psk-3-1" = {};
sops.secrets."svc-wireguard-psk-4-1" = {};
@ -47,31 +48,43 @@ in {
peers = [
{
# infra eidola
publicKey = "37FwgVhjem6QCSAzPtdYNwHMPC0YIKpsBOp4Ix23lGU=";
allowedIPs = ["10.193.0.2/32"];
presharedKeyFile = config.sops.secrets."svc-wireguard-psk-0-2".path;
}
{
# u1 laptop
publicKey = "ayscoZwIMa9eNciYODZlILrXzfwn0t/2j/qa7/ftUQM=";
allowedIPs = ["10.193.1.1/32"];
presharedKeyFile = config.sops.secrets."svc-wireguard-psk-1-1".path;
}
{
# u1 temp server
publicKey = "acLrMesy/gPvmUQKSJY42X9+WlMW9nwc8dYcreivtDo=";
allowedIPs = ["10.193.1.2/32"];
presharedKeyFile = config.sops.secrets."svc-wireguard-psk-1-2".path;
}
{
# u1 desktop
publicKey = "oMT4xjH7ASh7dUZV7KF9ZX0lhbACqReMagxYrfTaIm8=";
allowedIPs = ["10.193.1.3/32"];
presharedKeyFile = config.sops.secrets."svc-wireguard-psk-1-3".path;
}
{
# u2 desktop
publicKey = "E+cApvpWOfwehlwDxA8paR/fWZq8iozSofTSRA7dBx0=";
allowedIPs = ["10.193.2.1/32"];
presharedKeyFile = config.sops.secrets."svc-wireguard-psk-2-1".path;
}
{
# u3 desktop
publicKey = "pUEQnX5+lG7sHydXVWtqLFmDVJ1Mqn/sZOTTwaFwnVc=";
allowedIPs = ["10.193.3.1/32"];
presharedKeyFile = config.sops.secrets."svc-wireguard-psk-3-1".path;
}
{
# u4 desktop
publicKey = "mMLd7efRu2BCdv+X+jzRtz1U1EnCU5hzGb7G0x3N7jY=";
allowedIPs = ["10.193.4.1/32"];
presharedKeyFile = config.sops.secrets."svc-wireguard-psk-4-1".path;

5
secrets/silver/default.yaml
View File

@ -12,6 +12,7 @@ svc-wireguard-key: ENC[AES256_GCM,data:dmxJ07UnQAtet4RtlVXEMFLVKxOU44XQcUW7h7UPb
svc-wireguard-psk-0-2: ENC[AES256_GCM,data:0sTGYa3HUe70hYJZnPy9w0iG37aRDTplmdvGdc5C8KN8Dg5XbVc2CmVS1r4=,iv:9Dnr3BYhzKKOZ7S565HY4CkhgPv1JEd3Zk7662/cd9s=,tag:Dd0BLrIjfX0F2lBan59jUg==,type:str]
svc-wireguard-psk-1-1: ENC[AES256_GCM,data:YbxjRleUWTr1+rZyzZ+5vB9Po/V0T1mYhH+H8igjascGV/Oo4lPn1xoYqLg=,iv:+fcWdpRqR7GU5UXug+6GCX9Be5DoE944T5PIm0csgEU=,tag:3mGEL3KYjfSJ9uM+i6Wirg==,type:str]
svc-wireguard-psk-1-2: ENC[AES256_GCM,data:K7tml5C3DEFkyJCf/U/CqNIcYIm4xDTmUQJTNw1AOgnxjWQhcfXDAU9xfME=,iv:h3xL81wHb4itBKo4+wUPbxxlzZNpbM7yfjIryBc+nfg=,tag:+5aXxvMi8j9fH9ZcrUVAUQ==,type:str]
svc-wireguard-psk-1-3: ENC[AES256_GCM,data:66Yw2km4aWUAiy5Gk4diyeUV5AcLh4iJX+nJJLfq06emY9sYu43jUrCGYBc=,iv:FAr0K9CzOnCC3+XC70DZdsi7gtmvr4MZLl66Z+GUi2I=,tag:6AaxexFHSzGQGtk+lSjmjw==,type:str]
svc-wireguard-psk-2-1: ENC[AES256_GCM,data:+80iLdsHE0rtM1rVb4xUfzOwpMSOqgxtuKWg4d7Kj7kDuvrCrHPX83NruNo=,iv:HDfGq2o41qTyUU3PwfUvJJcb88JIcbW3yrfqRY8lBxY=,tag:+jWwRf5vqSriCOKdOu3Qag==,type:str]
svc-wireguard-psk-3-1: ENC[AES256_GCM,data:USX+fQeT+f+ZU8R7pgIXYPBd4f+8BGrFpuJwxCLprkhhxEY2U8kz85zg8Tw=,iv:QxzQyJEIqoT7szXBgE6M2qd0MeO8Y2e4wLRY9PH0x9M=,tag:kWLwR18SVfj52xkN4tJM7g==,type:str]
svc-wireguard-psk-4-1: ENC[AES256_GCM,data:gQmzz0CP3b6aLLe1ucGTHmSpTP9RHDAhpnqkQci8RLdm2gQNIxfU5ASmSW8=,iv:Klq6y+81EqjQXZNDpnmPKhq8+gCtWklq09bzlKwm9Ys=,tag:H0GoCLLcVMC8FtzFx9HyPA==,type:str]
@ -45,7 +46,7 @@ sops:
NVREcHJGWWIvY0Z1OGt4cGN6am1RaXMKAnlb8FOJ1wO5qtcmej57s7rhWjv5wqIn
nCUJX0R7s0/KH3aj98bX/4hQg2ZAw1l+xViOOIfwfRnzLWeyaAnk5A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-05-31T00:25:25Z"
mac: ENC[AES256_GCM,data:dpaVHzh3xF1A3UgjbtYEmKVk4VQSX5r2e+IMVPruJLgMTmGMByMsWwY+n46XcGUJWem4W60upcU/NL9WCFKwoSBk9lPsbm/w34G0xquAfI9m0m9CoddRRuZfhI4Q/J0jcVAH2JebryVrQXJNUuB2tQ9MkIjXjYIONiMF831O2D0=,iv:ex3+hDvkbW+tWjZqhaOf+WXEvhJTzuGxXffFxUahiiM=,tag:h72Zq8H6gOC6Cl4jJoyBrw==,type:str]
lastmodified: "2025-05-31T03:40:23Z"
mac: ENC[AES256_GCM,data:KXxw3HwdVnQcsVhYfTvn4zxlTjmEqHHdDkKqNkY2keZ99mhQVXhHLU7P63+I5VhZy6sid4ueQ/H2+fM38+twMyDo0xLYkhkJd0pXVGgi5GiN+5JcTVf4NvR1+hEt43XEEfTLzRfeEd3resexNu1C/C9LCEZX5LK3GsOlt/xL1s0=,iv:8T0XfBS+ZSOK7gzoQpBnTu+dMis739AI8s5f48DDy1c=,tag:5lr/C1rCsPChqPsfEu7JTQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2