From 6d84c37249f56187023f54e15b89550388cefddf Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Wed, 5 Apr 2023 18:55:20 -0700 Subject: hosts/carmel: add wireguard key --- configs/wireguard.toml | 4 ++-- hosts/carmel/networking.nix | 1 + hosts/carmel/secrets/secrets.nix | 9 +++++++++ hosts/carmel/secrets/wireguard_privatekey.age | 13 +++++++++++++ 4 files changed, 25 insertions(+), 2 deletions(-) create mode 100644 hosts/carmel/secrets/secrets.nix create mode 100644 hosts/carmel/secrets/wireguard_privatekey.age diff --git a/configs/wireguard.toml b/configs/wireguard.toml index 6061847..f9dee16 100644 --- a/configs/wireguard.toml +++ b/configs/wireguard.toml @@ -10,9 +10,9 @@ ipv4 = 10 key = "SFlgoY+fQDUnI2D6Xp3JhqFKWsZABqahCv8IgKPWizA=" externalIp = "192.168.0.10" -[peers.rtr] +[peers.carmel] ipv4= 1 -key = "P4gxkIoQ9Ep6QqfTquJYbBkMPDJQkVE9v1eYh/uJwG8=" +key = "ifqsPWcc8nxwgpxRHmP6OUtvVYNQJj/CW8QIuxWqXGU=" externalIp = "192.168.0.1" [peers.tahoe] diff --git a/hosts/carmel/networking.nix b/hosts/carmel/networking.nix index 38dd7c8..5662104 100644 --- a/hosts/carmel/networking.nix +++ b/hosts/carmel/networking.nix @@ -107,5 +107,6 @@ in internalInterfaces = [ "mgmt0" "guest" "iot" ]; }; + networking.private-wireguard.enable = true; my.services.tailscale.enable = true; } diff --git a/hosts/carmel/secrets/secrets.nix b/hosts/carmel/secrets/secrets.nix new file mode 100644 index 0000000..c6f0b35 --- /dev/null +++ b/hosts/carmel/secrets/secrets.nix @@ -0,0 +1,9 @@ +let + root = "age1ey5kk4hufygu7wuw4p6dmtxaem08lshuk4p9nj0sw7ynh0lexvrsnudehr"; + fcuny = "age1keyvdhpspgqp4g5zjthdphau5q5qlt6fs0ex0wqnve66dmup9pzqn4sakj"; + backup = "age1fh4960rdrk4d7m4c5lwd3trvw9ylk09dvucj2gd2udy7d5cz2a0svcqws6"; + all = [ root fcuny backup ]; +in +{ + "wireguard_privatekey.age".publicKeys = all; +} diff --git a/hosts/carmel/secrets/wireguard_privatekey.age b/hosts/carmel/secrets/wireguard_privatekey.age new file mode 100644 index 0000000..09c9b6a --- /dev/null +++ b/hosts/carmel/secrets/wireguard_privatekey.age @@ -0,0 +1,13 @@ +age-encryption.org/v1 +-> X25519 FPkiLvi9JeC3vBiE8cEkaTCVbUsGkhabsAe3aGjXQgU +xiMkThXk5jqHpDBRvTfdBaTcp8onJxvT7aANkvgjTbE +-> X25519 oZwPWtnuEOFquxzbvNeO8kj5qhRhZGhncjqh1MpQRH8 +qORK1U5x5WIDqHN54m+mAgTVehF35QYoOF1/HRT07os +-> X25519 6qSLagkBc18qhavfkTlCl17ADvVyWeTKMEUZCIqwaXk +cXuJK0dr3+Vov3agaJDA0o+OEs0fFLaHapNBo9GvHx0 +-> J-grease ~`?4bjZ T9vNE:D N 1$3hAU[ +sMR56U11qdo+L37M02hD/EC6cJKrCaQZc8N2v+I8uXPvPHhRDHp8lQQBmSfyPaG6 +VaenaaWt+hH37CxKv0yJM7PcnHdTI2GshQ3MiWkfWrDlW8B6 +--- 9X5ZgTvWnS9+Z94gRRN2iyDFrixCC9lpFbhhTxnHOOA +Za +A}}%YGVU;@ΰ{eVEmŁa &!q;uB[¸< \ No newline at end of file -- cgit 1.4.1