os/hosts/droppie/networking.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

48 lines
1.1 KiB
Nix
Raw Normal View History

2023-10-19 18:55:56 +00:00
{
flake,
config,
pkgs,
2023-11-08 00:16:38 +00:00
lib,
2023-10-19 18:55:56 +00:00
...
}: {
networking.hostName = "droppie";
networking.interfaces.enp2s0f0.useDHCP = true;
networking.interfaces.enp2s0f1.useDHCP = true;
networking.interfaces.enp2s0f0 = {
2024-08-18 22:22:59 +00:00
ipv6.addresses = [
{
address = "2a02:908:5b1:e3c0:3::";
prefixLength = 64;
}
];
2023-11-05 18:21:28 +00:00
};
# Allow pub.solar restic backups
services.openssh.allowSFTP = true;
2024-02-12 15:46:46 +00:00
age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-droppie.age";
pub-solar.wireguard.private = {
2023-11-05 18:21:28 +00:00
ownIPs = [
"10.13.12.3/32"
2023-11-05 18:21:28 +00:00
"fd00:b12f:acab:1312:acab:3::/96"
];
2024-02-12 15:46:46 +00:00
privateKeyFile = config.age.secrets.wg-private-key.path;
};
age.secrets.wg-tunnel-key.file = "${flake.self}/secrets/wg-tunnel-droppie.age";
2024-02-12 15:46:46 +00:00
pub-solar.wireguard.tunnel = {
2024-02-12 15:46:46 +00:00
ownIPs = [
"10.69.139.214/32"
"fc00:bbbb:bbbb:bb01::6:8bd5/128"
2024-02-12 15:46:46 +00:00
];
privateKeyFile = config.age.secrets.wg-tunnel-key.path;
2024-02-12 15:46:46 +00:00
peer = {
publicKey = "m9w2Fr0rcN6R1a9HYrGnUTU176rTZIq2pcsovPd9sms=";
endpoint = "[2a02:6ea0:d406:1::a18f]:3019";
};
2023-10-19 18:55:56 +00:00
};
}