diff --git a/hosts/chocolatebar/networking.nix b/hosts/chocolatebar/networking.nix index e791d2d..ab7d1b6 100644 --- a/hosts/chocolatebar/networking.nix +++ b/hosts/chocolatebar/networking.nix @@ -16,4 +16,33 @@ ]; privateKeyFile = config.age.secrets.wg-private-key.path; }; + + age.secrets.wg-pub-solar-key.file = "${flake.self}/secrets/wg-pub-solar-chocolatebar.age"; + + pub-solar.wireguard.pub-solar = { + ownIPs = [ + "10.7.6.205/32" + "fd00:fae:fae:fae:fae:205::/96" + ]; + privateKeyFile = config.age.secrets.wg-pub-solar-key.path; + }; + + age.secrets.wg-momo-key.file = "${flake.self}/secrets/wg-momo-chocolatebar.age"; + + pub-solar.wireguard.momo = { + ownIPs = [ + "10.30.30.205/32" + "fd00:3030:3030:3030:3030:205::/96" + ]; + privateKeyFile = config.age.secrets.wg-momo-key.path; + }; + + age.secrets.wg-ehex-key.file = "${flake.self}/secrets/wg-ehex-chocolatebar.age"; + + pub-solar.wireguard.ehex = { + ownIPs = [ + "10.42.0.160/22" + ]; + privateKeyFile = config.age.secrets.wg-ehex-key.path; + }; } diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 9706669..e208b21 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -100,10 +100,13 @@ in { "wg-tunnel-droppie.age".publicKeys = droppieKeys ++ baseKeys; "wg-pub-solar-stroopwafel.age".publicKeys = stroopwafelKeys ++ baseKeys; + "wg-pub-solar-chocolatebar.age".publicKeys = chocolatebarKeys ++ baseKeys; "wg-momo-stroopwafel.age".publicKeys = stroopwafelKeys ++ baseKeys; + "wg-momo-chocolatebar.age".publicKeys = chocolatebarKeys ++ baseKeys; "wg-ehex-stroopwafel.age".publicKeys = stroopwafelKeys ++ baseKeys; + "wg-ehex-chocolatebar.age".publicKeys = chocolatebarKeys ++ baseKeys; "invoiceplane-db-password.age".publicKeys = pieKeys ++ baseKeys; "invoiceplane-db-secrets.env.age".publicKeys = pieKeys ++ baseKeys; diff --git a/secrets/wg-ehex-chocolatebar.age b/secrets/wg-ehex-chocolatebar.age new file mode 100644 index 0000000..8993d17 Binary files /dev/null and b/secrets/wg-ehex-chocolatebar.age differ diff --git a/secrets/wg-momo-chocolatebar.age b/secrets/wg-momo-chocolatebar.age new file mode 100644 index 0000000..2b43605 --- /dev/null +++ b/secrets/wg-momo-chocolatebar.age @@ -0,0 +1,23 @@ +age-encryption.org/v1 +-> ssh-ed25519 2Ca8Kg KARP9/Lpvln7zsNYrkUFwdFHj4OfpLhDbnblzFn9mHA +Dg6PDAfnEynLa3b08LCB8pV68iTzkEmsgxbLCZhIATk +-> ssh-rsa kFDS0A +eCCqlVYkqIRByTnjkDLTuIVhOWwIcO463ZVtx4iiWBAKkldrw0rH1S2VyY7u/yhU +3NFaCqiAfzAi/vMLdKsb+P8PIfxKj/nVhB8Ye+TsGPC8D7ck/2Hx1A8zg7ha+seq +CO9U8UwaNoLh9ftqHqCr349dQiGnTbD6bqKyJcxW6JPfPH3sSE+u3zd+umpA+dnw +RRuJ9fba0BhiZEhbR1ZJna226LQ8UsPIrhXB69Dma3jzvceEKYyWBGvtwKEo1qMW +Nv4F1J2afM7rPOqKgm4xEi59O6aCWhS8eZnBfCR/LJLUUVaBjG1Q5q+EV5EtlbH9 +uWjQccA/yuTzGNxSWrgBGRdEmMDjDPlrCzETP6rh2X3DLgzi4MsomLXwPUevnmn3 +jbyyGYyXMog+tpejRoJ2VA9W0oCkaV0pNaGXbrF1rqmZAUC9xziShbwY15tJ/+xp +FL04011KcVq0Xj6IXbsgCgiC28uTCfRsvliFAZrzNB+9MTEKYO8sBfbqAdZ+mFro +JBka/hTfGdYGnCMH2xKesS0ASLvUgaYOIGlK5sTltZpob1iM6J4G/3zvAhkyfsDQ +OfnzwWr0epfBjPndZ4o+fI7BTLqY/dbj0pGuBqxCU1gAuhrT126/7TZHuy1MrFMo +1kUv4lWZEtR21x1P1VO7Lh2rgu69TKxW6q6ox3XoA8s +-> piv-p256 zqq/iw AxmMp9GMkv1f4tviXRcNg2FZrRmjItp6wg4iSXKbUS3S +eG1wI1uuKeTHw+Axj29JpMrWUMAtP1N+pwd8oWdCS0E +-> piv-p256 vRzPNw AmdbHubNgYAEw/UoHnQ9KY81bAGaTSPNnodjRlDhSrD6 +ZbxjGVX71cBDcGqI/nOSUJbwmwABM4yuJklLLQpM5iY +-> piv-p256 iW9vVw Ass10+L+YFBcibt8N5Lbce8qtYLXaFBZlofu0qv7x/Xo +HtpoFr0fY1+89ymGBtUae6J8x3tfOfWsL2xacTn5pCA +--- gcYaw1Hv0A3Eescov4JYkUmHY+PYns2+bmg8y7F1rE0 +zh V"i]gArHQNf-5VGȢ"`ANU GX ź!"c \ No newline at end of file diff --git a/secrets/wg-pub-solar-chocolatebar.age b/secrets/wg-pub-solar-chocolatebar.age new file mode 100644 index 0000000..f4d0444 --- /dev/null +++ b/secrets/wg-pub-solar-chocolatebar.age @@ -0,0 +1,24 @@ +age-encryption.org/v1 +-> ssh-ed25519 2Ca8Kg QEtxrfsd34O/JqsJVFAPV/QnHvVFAzF/m6CTMikTSwg +EbSnMAureHOU3whqPIjoTyhfB0VFyDzSHyJGx9wTlD4 +-> ssh-rsa kFDS0A +OexWx1H2A95fy4h/TRK2WB8Mro5c4bMNIzrKwf6YGfaDWmijneIhNxOI6AaG/Zlm +xloI5Cj2jCBCZ0pwKeK5H8jjmtGccR0hcsnt3jT0Z/Sb0Kgb5oo8HQIdgrAq6Yll +0Kz9qwzJlLtOxubukm/6BltgWdqhqvM3pbjsi/3no82sZOGitO5IGB0XzmeiWps+ +hK9PGK90vtQsBNEzMePWFLgDI8ri5MTu6yH0gxFsAYLjJmnzBZE3Bx0kTDrvdVDy +ulJ8gIfcp8UqjaKRo+dSr/BhUbiC7e5rMNM/RBswCbn879UeyuoufQxUEhInAB4h +r/pzpre8FAopdkXRKFAwEPOT3VsE8Zea/bbwgZXQK9WdiWhK67RpdFXFNEo1SbXU +HZCCNDfXqyMkFP4djb3Sn0ioaHCUjFF6FGI021UkTChkKK5zhjdNGR4t2/WlvmHF +8tSgpccG1K789P9IyJ0g4OmwXTprS0ZEOSUO4p/THPoNCm5xLFFuSr7BM7VKXTUD +2OilB8JYCcGDR7PJagmchqnZYWJCJrEBPzMHhjddJAdibJR8C5UJz8+I+L3YR5V5 +6d3GhOXiU80SgnGj+O4kY57wyIRqOrKeigY+DMXZeOrTifFjs0WUsrkI1jmtwuoa +KplaPtluk7DTX0O2RMQwRpMlIJu8fVJ1ogUTGDhcMgw +-> piv-p256 zqq/iw ApmBfyC7pg0XQHRRFj9t9RImcZefA0JUQPUhoVN4AmKX +/W8O5AMRRmkcCaVhZnb1FtK+5tKWVrhinxDoAXYzY+A +-> piv-p256 vRzPNw AzRBrl8vzNDZir/78E3gmCHc3b1TMCTCpFRnpG5cfCzp +Of+yFKBcMGFEhsE2enDLmPNFDeeTjKfhA7A5KiGnma8 +-> piv-p256 iW9vVw Az5xlEJq4KXuQ7tZXY5oEaSGqdcBdxZp7oKxznhdCXze +31xlxQ6CiInnAF3rAeRGAt9JGNwotw9d96ZTspFvxmM +--- WpQ+ln0v5BVMFEZVQqhkmh80sLTk7usJdgwm58WpJ9g +s0ϡr.,9 ItXLFzc\VBhxHߨQRe;vdO{جA ; +8e1 \ No newline at end of file