wireguard/ssh: add pub.solar wireguard config

2024-04-06 02:35:51 +02:00 · 2024-04-06 02:35:51 +02:00 · 9578d0fa1a
parent 3d2b5f7c78
commit 9578d0fa1a
3 changed files with 11 additions and 6 deletions
--- a/modules/wireguard/pub.solar.nix
+++ b/modules/wireguard/pub.solar.nix
@ -25,8 +25,6 @@ in {
    networking.firewall.allowedUDPPorts = [51821];

    systemd.services.wireguard-wg-pub-solar = {
-      enable = false;
-
      after = [
        "network.target"
        "network-online.target"
@ -51,15 +49,19 @@ in {
        ips = cfg.ownIPs;
        privateKeyFile = cfg.privateKeyFile;
        peers = [
-          { 
-            endpoint = "flora6.pub.solar:51820";
+          {
+            endpoint = "flora-6.pub.solar:51820";
            publicKey = "jtSR5G2P/nm9s8WrVc26Xc/SQLupRxyXE+5eIeqlsTU=";
            allowedIPs = [ "10.7.6.2/32" "fd00:fae:fae:fae:fae:2::/96" ];
+            persistentKeepalive = 15;
+            dynamicEndpointRefreshSeconds = 30;
          }
-          { 
+          {
            endpoint = "nachtigall.pub.solar:51820";
            publicKey = "qzNywKY9RvqTnDO8eLik75/SHveaSk9OObilDzv+xkk=";
            allowedIPs = [ "10.7.6.1/32" "fd00:fae:fae:fae:fae:1::/96" ];
+            persistentKeepalive = 15;
+            dynamicEndpointRefreshSeconds = 30;
          }
        ];
      };
--- a/pkgs/default.nix
+++ b/pkgs/default.nix
@ -3,9 +3,10 @@ with prev; {
  # keep sources this first
  sources = callPackage (import ./_sources/generated.nix) {};
  # then, call packages with `final.callPackage`
-  # caddy = callPackage (import ./caddy) {};
  check-battery = writeShellScriptBin "check-battery" (import ./check-battery.nix final);
  concourse = import ./concourse.nix final;
+  element-b12f = writeShellScriptBin "element-b12f" (import ./element-desktop.nix { inherit final; profile = "b12f"; });
+  element-mezza = writeShellScriptBin "element-mezza" (import ./element-desktop.nix { inherit final; profile = "mezza"; });
  fetch-hostingde-invoices = import ./fetch-hostingde-invoices final;
  import-gtk-settings = writeShellScriptBin "import-gtk-settings" (import ./import-gtk-settings.nix final);
  lgcl = writeShellScriptBin "lgcl" (import ./lgcl.nix final);
--- a/users/b12f/ssh.nix
+++ b/users/b12f/ssh.nix
@ -122,10 +122,12 @@ in {

        "nachtigall.pub.solar" = {
          user = "barkeeper";
+          hostname = "10.7.6.1";
        };

        "flora-6.pub.solar" = {
          user = "barkeeper";
+          hostname = "10.7.6.2";
        };
      };
    };