diff options
| author | Kjetil Orbekk <kj@orbekk.com> | 2024-10-20 12:23:25 -0400 |
|---|---|---|
| committer | Kjetil Orbekk <kj@orbekk.com> | 2024-10-20 12:23:25 -0400 |
| commit | a41d7ffe6b3bec0814fefc08e96e9839c19b2e14 (patch) | |
| tree | 079caab7ad497b9f3fcd4b47a6d2247e281b0e29 | |
| parent | a84f1740537f2780758c07d35eae21de69649aed (diff) | |
Update
| -rw-r--r-- | config/vpn-client.nix | 24 | ||||
| -rw-r--r-- | config/vpn-server.nix | 27 | ||||
| -rw-r--r-- | machines/dragon.nix | 1 |
3 files changed, 0 insertions, 52 deletions
diff --git a/config/vpn-client.nix b/config/vpn-client.nix deleted file mode 100644 index 9b493e8..0000000 --- a/config/vpn-client.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ config, lib, pkgs, ... }: -let - port = (import ../data/aliases.nix).services.wireguard.port; -in -{ - networking.wireguard = { - interfaces = { - wg0 = { - ips = [ "10.35.190.2/23" ]; - privateKeyFile = "/opt/secret/wireguard/wg0.key"; - listenPort = port; - allowedIPsAsRoutes = false; - peers = [ - { - publicKey = "KT4sWKnlvPebJh0pYhGpiZksn4cCwKreB6fQCJV49F8="; - endpoint = "dragon.orbekk.com:${toString port}"; - allowedIPs = ["0.0.0.0/0" "::/0"]; - } - ]; - }; - }; - }; -} - diff --git a/config/vpn-server.nix b/config/vpn-server.nix deleted file mode 100644 index 10b0c17..0000000 --- a/config/vpn-server.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ config, lib, pkgs, ... }: -let - port = (import ../data/aliases.nix).services.wireguard.port; -in -{ - networking = { - firewall.allowedTCPPorts = [ port ]; - firewall.allowedUDPPorts = [ port ]; - - wireguard = { - interfaces = { - wg0 = { - ips = [ "10.35.190.1/23" ]; - privateKeyFile = "/opt/secret/wireguard/wg0.key"; - listenPort = port; - allowedIPsAsRoutes = false; - peers = [ - { - publicKey = "ULWhaOsAaTu4cu84v3PM4DL7arxc/WNnzI/ic2k1KBU="; - allowedIPs = ["0.0.0.0/0" "::/0"]; - } - ]; - }; - }; - }; - }; -} diff --git a/machines/dragon.nix b/machines/dragon.nix index dbdc1bb..5997dfb 100644 --- a/machines/dragon.nix +++ b/machines/dragon.nix @@ -4,7 +4,6 @@ let vpnPrefix = "2001:470:8e2e:1000"; in { imports = [ - ../config/keycloak.nix ../config/dns.nix ../config/web-server.nix ../config/cgit.nix |