2023-10-19 18:55:56 +00:00
|
|
|
{
|
|
|
|
flake,
|
|
|
|
config,
|
|
|
|
pkgs,
|
2023-11-08 00:16:38 +00:00
|
|
|
lib,
|
2023-10-19 18:55:56 +00:00
|
|
|
...
|
|
|
|
}: {
|
2023-11-07 23:09:49 +00:00
|
|
|
networking.hostName = "droppie";
|
2024-02-04 00:05:28 +00:00
|
|
|
networking.interfaces.enp2s0f0.useDHCP = true;
|
|
|
|
networking.interfaces.enp2s0f1.useDHCP = true;
|
2023-11-07 23:09:49 +00:00
|
|
|
|
2023-11-05 18:46:52 +00:00
|
|
|
networking.interfaces.enp2s0f0 = {
|
2023-11-18 20:44:51 +00:00
|
|
|
ipv6.addresses = [ { address = "2a02:908:5b1:e3c0:3::"; prefixLength = 64; } ];
|
2023-11-05 18:21:28 +00:00
|
|
|
};
|
|
|
|
|
2023-11-06 21:32:44 +00:00
|
|
|
# Allow pub.solar restic backups
|
|
|
|
services.openssh.allowSFTP = true;
|
2024-02-03 19:58:18 +00:00
|
|
|
services.openssh.openFirewall = true;
|
2023-11-06 21:32:44 +00:00
|
|
|
|
2024-02-12 15:46:46 +00:00
|
|
|
age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-droppie.age";
|
|
|
|
|
|
|
|
pub-solar.wireguard.private = {
|
2023-11-05 18:21:28 +00:00
|
|
|
ownIPs = [
|
2024-02-08 18:23:22 +00:00
|
|
|
"10.13.12.3/32"
|
2023-11-05 18:21:28 +00:00
|
|
|
"fd00:b12f:acab:1312:acab:3::/96"
|
|
|
|
];
|
2024-02-12 15:46:46 +00:00
|
|
|
privateKeyFile = config.age.secrets.wg-private-key.path;
|
|
|
|
};
|
|
|
|
|
2024-02-12 23:27:30 +00:00
|
|
|
age.secrets.wg-tunnel-key.file = "${flake.self}/secrets/wg-tunnel-droppie.age";
|
2024-02-12 15:46:46 +00:00
|
|
|
|
2024-02-12 23:27:30 +00:00
|
|
|
pub-solar.wireguard.tunnel = {
|
2024-02-12 15:46:46 +00:00
|
|
|
ownIPs = [
|
2024-02-12 23:27:30 +00:00
|
|
|
"10.69.139.214/32"
|
|
|
|
"fc00:bbbb:bbbb:bb01::6:8bd5/128"
|
2024-02-12 15:46:46 +00:00
|
|
|
];
|
2024-02-12 23:27:30 +00:00
|
|
|
privateKeyFile = config.age.secrets.wg-tunnel-key.path;
|
2024-02-12 15:46:46 +00:00
|
|
|
peer = {
|
|
|
|
publicKey = "m9w2Fr0rcN6R1a9HYrGnUTU176rTZIq2pcsovPd9sms=";
|
|
|
|
endpoint = "[2a02:6ea0:d406:1::a18f]:3019";
|
|
|
|
};
|
2023-10-19 18:55:56 +00:00
|
|
|
};
|
|
|
|
}
|