Luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-03-28 14:50:55 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: move vpn ip from lisa to akhaten

Browse source
This commit is contained in:
Julien Malka 2024-09-04 15:30:04 +02:00
parent 23fc74efa6
commit 74f98b7f03
Signed by: Luj
GPG key ID: 6FC74C847011FD83
2 changed files with 57 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
machines/akhaten/default.nix
View file

@ -43,6 +43,7 @@
networking.useNetworkd = true; networking.useNetworkd = true;
systemd.network = { systemd.network = {
enable = true; enable = true;
config.networkConfig.IPv4Forwarding = true;
networks = { networks = {
"10-wan" = { "10-wan" = {
@ -55,7 +56,14 @@
{ Address = "163.172.91.82/24"; } { Address = "163.172.91.82/24"; }
{ Address = "2001:0bc8:3d24::45/64"; } { Address = "2001:0bc8:3d24::45/64"; }
]; ];
gateway = [ "163.172.91.1" ]; routes = [
{
routeConfig = {
Gateway = "163.172.91.1";
Destination = "0.0.0.0/0";
};
}
];
dhcpV6Config = { dhcpV6Config = {
DUIDRawData = "00:01:62:7c:0e:d3:27:5b"; DUIDRawData = "00:01:62:7c:0e:d3:27:5b";
DUIDType = "link-layer"; DUIDType = "link-layer";
@ -70,8 +78,54 @@
linkConfig.RequiredForOnline = "routable"; linkConfig.RequiredForOnline = "routable";
}; };
"30-wg0" = {
matchConfig.Name = "wg0";
address = [
"10.100.45.1/24"
"fc00::1/64"
];
networkConfig.IPMasquerade = "ipv4";
};
}; };
netdevs = {
"10-wg0" = {
netdevConfig = {
Kind = "wireguard";
Name = "wg0";
MTUBytes = "1300";
};
wireguardConfig = {
PrivateKeyFile = "/srv/wg-private";
ListenPort = 51821;
};
wireguardPeers = [
{
wireguardPeerConfig = {
PublicKey = "axigTezuClSoQlxWvpdzXKXUDjrrQlswE50ox0uDLR0=";
AllowedIPs = [ "10.100.45.2/32" ];
};
}
{
wireguardPeerConfig = {
PublicKey = "ElVrxNiYvV13hEDtqZNw4kLF7UiPTXziz8XgqABB0AU=";
AllowedIPs = [ "10.100.45.3/32" ];
};
}
];
};
};
}; };
networking.firewall.allowedUDPPorts = [
51821
];
networking.firewall.allowedTCPPorts = [
51821
];
system.stateVersion = "24.11"; system.stateVersion = "24.11";
} }

3
machines/gustave/default.nix
View file

@ -2,6 +2,7 @@
pkgs, pkgs,
inputs, inputs,
profiles, profiles,
lib,
... ...
}: }:
{ {
@ -53,7 +54,7 @@
wireguardPeerConfig = { wireguardPeerConfig = {
PublicKey = "oYsN1Qy+a7dwVOKapN5s5KJOmhSflLHZqh+GLMeNpHw="; PublicKey = "oYsN1Qy+a7dwVOKapN5s5KJOmhSflLHZqh+GLMeNpHw=";
AllowedIPs = [ "0.0.0.0/0" ]; AllowedIPs = [ "0.0.0.0/0" ];
Endpoint = "[2a01:e0a:5f9:9681:5880:c9ff:fe9f:3dfb]:51821"; Endpoint = "[${lib.snowfield.akhaten.ips.public.ipv6}]:51821";
PersistentKeepalive = 25; PersistentKeepalive = 25;
}; };
} }