From 6d84c37249f56187023f54e15b89550388cefddf Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Wed, 5 Apr 2023 18:55:20 -0700 Subject: hosts/carmel: add wireguard key --- hosts/carmel/networking.nix | 1 + hosts/carmel/secrets/secrets.nix | 9 +++++++++ hosts/carmel/secrets/wireguard_privatekey.age | 13 +++++++++++++ 3 files changed, 23 insertions(+) create mode 100644 hosts/carmel/secrets/secrets.nix create mode 100644 hosts/carmel/secrets/wireguard_privatekey.age (limited to 'hosts') diff --git a/hosts/carmel/networking.nix b/hosts/carmel/networking.nix index 38dd7c8..5662104 100644 --- a/hosts/carmel/networking.nix +++ b/hosts/carmel/networking.nix @@ -107,5 +107,6 @@ in internalInterfaces = [ "mgmt0" "guest" "iot" ]; }; + networking.private-wireguard.enable = true; my.services.tailscale.enable = true; } diff --git a/hosts/carmel/secrets/secrets.nix b/hosts/carmel/secrets/secrets.nix new file mode 100644 index 0000000..c6f0b35 --- /dev/null +++ b/hosts/carmel/secrets/secrets.nix @@ -0,0 +1,9 @@ +let + root = "age1ey5kk4hufygu7wuw4p6dmtxaem08lshuk4p9nj0sw7ynh0lexvrsnudehr"; + fcuny = "age1keyvdhpspgqp4g5zjthdphau5q5qlt6fs0ex0wqnve66dmup9pzqn4sakj"; + backup = "age1fh4960rdrk4d7m4c5lwd3trvw9ylk09dvucj2gd2udy7d5cz2a0svcqws6"; + all = [ root fcuny backup ]; +in +{ + "wireguard_privatekey.age".publicKeys = all; +} diff --git a/hosts/carmel/secrets/wireguard_privatekey.age b/hosts/carmel/secrets/wireguard_privatekey.age new file mode 100644 index 0000000..09c9b6a --- /dev/null +++ b/hosts/carmel/secrets/wireguard_privatekey.age @@ -0,0 +1,13 @@ +age-encryption.org/v1 +-> X25519 FPkiLvi9JeC3vBiE8cEkaTCVbUsGkhabsAe3aGjXQgU +xiMkThXk5jqHpDBRvTfdBaTcp8onJxvT7aANkvgjTbE +-> X25519 oZwPWtnuEOFquxzbvNeO8kj5qhRhZGhncjqh1MpQRH8 +qORK1U5x5WIDqHN54m+mAgTVehF35QYoOF1/HRT07os +-> X25519 6qSLagkBc18qhavfkTlCl17ADvVyWeTKMEUZCIqwaXk +cXuJK0dr3+Vov3agaJDA0o+OEs0fFLaHapNBo9GvHx0 +-> J-grease ~`?4bjZ T9vNE:D N 1$3hAU[ +sMR56U11qdo+L37M02hD/EC6cJKrCaQZc8N2v+I8uXPvPHhRDHp8lQQBmSfyPaG6 +VaenaaWt+hH37CxKv0yJM7PcnHdTI2GshQ3MiWkfWrDlW8B6 +--- 9X5ZgTvWnS9+Z94gRRN2iyDFrixCC9lpFbhhTxnHOOA +Za +A}}%YGVU;@ΰ{eVEmŁa &!q;uB[¸< \ No newline at end of file -- cgit 1.4.1