chvp/nixos-config
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

wireguard: Make marabethia the leader
All checks were successful
Cachix / build (elendel) (push) Successful in 1m9s
Details
Cachix / build (kholinar) (push) Successful in 2m4s
Details
Cachix / build (lasting-integrity) (push) Successful in 1m4s
Details
Cachix / build (marabethia) (push) Successful in 1m19s
Details
Cachix / build (urithiru) (push) Successful in 1m22s
Details

Browse source
This commit is contained in:
Charlotte Van Petegem 2024-11-11 19:27:55 +01:00
parent aa0476874e
commit 6c612b12f5
No known key found for this signature in database
GPG key ID: 019E764B7184435A
6 changed files with 9 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

2
machines/kholinar/default.nix
View file

@ -27,7 +27,7 @@
path = "rpool/safe/data"; path = "rpool/safe/data";
remotePath = "zdata/recv/kholinar/safe/data"; remotePath = "zdata/recv/kholinar/safe/data";
fast = true; fast = true;
location = "lasting-integrity"; location = "elendel";
} }
]; ];
rootDataset = "rpool/local/root"; rootDataset = "rpool/local/root";

1
machines/lasting-integrity/default.nix
View file

@ -24,7 +24,6 @@
}; };
internalIPV4 = "192.168.0.2"; internalIPV4 = "192.168.0.2";
}; };
wireguard.server = true;
}; };
nix.enableDirenv = false; nix.enableDirenv = false;
zfs = { zfs = {

1
machines/marabethia/default.nix
View file

@ -25,6 +25,7 @@
internalInterface = "eno2"; internalInterface = "eno2";
internalIPV4 = "192.168.0.3"; internalIPV4 = "192.168.0.3";
}; };
wireguard.server = true;
}; };
nix.enableDirenv = true; nix.enableDirenv = true;
zfs = { zfs = {

4
modules/darwin/base/wireguard/default.nix
View file

@ -14,10 +14,10 @@ in
# peers = [ # peers = [
# { # {
# allowedIPs = [ subnet ]; # allowedIPs = [ subnet ];
# endpoint = "lasting-integrity.vanpetegem.me:51820"; # endpoint = "marabethia.vanpetegem.me:51820";
# presharedKeyFile = pskFile; # presharedKeyFile = pskFile;
# persistentKeepalive = 25; # persistentKeepalive = 25;
# publicKey = data.lasting-integrity.pubkey; # publicKey = data.marabethia.pubkey;
# } # }
# ]; # ];
# privateKeyFile = data.${config.networking.hostName}.privkeyFile; # privateKeyFile = data.${config.networking.hostName}.privkeyFile;

8
modules/nixos/base/network/wireguard.nix
View file

@ -66,9 +66,9 @@ in
(builtins.filter (name: name != config.networking.hostName) (builtins.attrNames data))) (builtins.filter (name: name != config.networking.hostName) (builtins.attrNames data)))
else else
([{ ([{
PublicKey = data.lasting-integrity.pubkey; PublicKey = data.marabethia.pubkey;
AllowedIPs = subnet; AllowedIPs = subnet;
Endpoint = "lasting-integrity.vanpetegem.me:51820"; Endpoint = "marabethia.vanpetegem.me:51820";
PresharedKeyFile = pskFile; PresharedKeyFile = pskFile;
PersistentKeepalive = 25; PersistentKeepalive = 25;
}]); }]);
@ -78,7 +78,7 @@ in
name = "wg0"; name = "wg0";
address = [ "${data.${config.networking.hostName}.ip}/32" ]; address = [ "${data.${config.networking.hostName}.ip}/32" ];
domains = [ "internal" ]; domains = [ "internal" ];
dns = [ data.lasting-integrity.ip ]; dns = [ data.marabethia.ip ];
linkConfig.MTUBytes = "1342"; linkConfig.MTUBytes = "1342";
routes = [ routes = [
( (
@ -86,7 +86,7 @@ in
Gateway = "${data.${config.networking.hostName}.ip}"; Gateway = "${data.${config.networking.hostName}.ip}";
Destination = subnet; Destination = subnet;
} else { } else {
Gateway = "${data.lasting-integrity.ip}"; Gateway = "${data.marabethia.ip}";
Destination = subnet; Destination = subnet;
GatewayOnLink = true; GatewayOnLink = true;
} }

2
modules/shared/base/zfs/default.nix
View file

@ -39,7 +39,7 @@
path = "rpool/safe/data"; path = "rpool/safe/data";
remotePath = "zdata/recv/<hostname>/safe/data"; remotePath = "zdata/recv/<hostname>/safe/data";
fast = false; fast = false;
location = "lasting-integrity.vanpetegem.me"; location = "marabethia.vanpetegem.me";
}]; }];
}; };
rootDataset = lib.mkOption { rootDataset = lib.mkOption {