{ networking = { hosts = { "10.0.0.42" = [ "nomad.service.consul" "nomad.service.cgn-1.consul" ]; "10.0.0.66" = [ "consul.service.cgn-1.consul" ]; "10.0.1.9" = [ "consul.service.lev-1.consul" ]; "10.0.0.70" = [ "vault.service.consul" "vault.service.cgn-1.consul" ]; "10.0.0.200" = [ "headnode.cgn-1" ]; "10.0.0.201" = [ "cn01.cgn-1" ]; "10.0.0.202" = [ "cn02.cgn-1" ]; "10.0.0.205" = [ "cn05.cgn-1" ]; "10.0.0.206" = [ "cn06.cgn-1" ]; "10.0.0.207" = [ "cn07.cgn-1" ]; "10.0.0.208" = [ "cn08.cgn-1" ]; "10.0.1.200" = [ "headnode.lev-1" ]; "10.0.1.201" = [ "cn01.lev-1" ]; "10.0.1.202" = [ "cn02.lev-1" ]; "10.0.1.203" = [ "cn03.lev-1" ]; "10.0.1.204" = [ "cn04.lev-1" ]; "10.0.1.205" = [ "cn05.lev-1" ]; "10.0.1.206" = [ "cn00.lev-1" ]; "10.0.1.207" = [ "cn06.lev-1" ]; "10.0.1.208" = [ "cn07.lev-1" ]; }; interfaces.enp4s0.wakeOnLan.enable = true; wireguard.enable = true; wg-quick.interfaces = { wg0 = { address = [ "10.8.8.7/32" ]; privateKeyFile = "/etc/wireguard/wg0.privatekey"; peers = [ { publicKey = "l0DJLicCrcrixNP6zAWTXNSEaNM2jML253BXEZ1KpiU="; allowedIPs = [ "10.8.8.16/32" "10.0.0.0/24" "10.88.88.0/24" ]; endpoint = "85.88.23.16:51820"; persistentKeepalive = 25; } ]; }; wg1 = { address = [ "10.11.11.6/32" ]; privateKeyFile = "/etc/wireguard/wg1.privatekey"; mtu = 1300; peers = [ { publicKey = "7RRgfZSneqAtAHBeI6+aaYLqz9e1jikg/lIK8mhW928="; presharedKeyFile = "/etc/wireguard/wg1.presharedkey"; allowedIPs = [ "10.11.11.0/24" "192.168.1.0/24" "10.0.1.0/24" ]; endpoint = "80.71.153.1:51820"; #persistentKeepalive = 16; } ]; }; wg2 = { address = [ "10.7.6.204/32" ]; privateKeyFile = "/etc/wireguard/wg2.privatekey"; peers = [ { # nachtigall.pub.solar publicKey = "qzNywKY9RvqTnDO8eLik75/SHveaSk9OObilDzv+xkk="; allowedIPs = [ "10.7.6.1/32" "fd00:fae:fae:fae:fae:1::/96" ]; #endpoint = "138.201.80.102:51820"; endpoint = "[2a01:4f8:172:1c25::1]:51820"; persistentKeepalive = 15; } { # flora-6.pub.solar publicKey = "jtSR5G2P/nm9s8WrVc26Xc/SQLupRxyXE+5eIeqlsTU="; allowedIPs = [ "10.7.6.2/32" "fd00:fae:fae:fae:fae:2::/96" ]; endpoint = "80.71.153.210:51820"; persistentKeepalive = 15; } { # metronom.pub.solar publicKey = "zOSYGO7MfnOOUnzaTcWiKRQM0qqxR3JQrwx/gtEtHmo="; allowedIPs = [ "10.7.6.3/32" "fd00:fae:fae:fae:fae:3::/96" ]; endpoint = "49.13.236.167:51820"; #endpoint = "[2a01:4f8:c2c:7082::]:51820"; persistentKeepalive = 15; } { # tankstelle.pub.solar publicKey = "iRTlY1lB7nPXf2eXzX8ZZDkfMmXyGjff5/joccbP8Cg="; allowedIPs = [ "10.7.6.4/32" "fd00:fae:fae:fae:fae:4::/96" ]; #endpoint = "80.244.242.5:51820"; endpoint = "[2001:4d88:1ffa:26::5]:51820"; persistentKeepalive = 15; } ]; }; #wg1 = { # address = [ "10.13.0.1/32" ]; # privateKeyFile = "/etc/wireguard/wg1.privatekey"; # mtu = 1412; # peers = [ # { # publicKey = "XS3TTIMU7Jp3JJANBpE14RsVDJk6/VUvZgjQgQP8kAs="; # allowedIPs = [ "10.13.0.100/32" "192.168.188.0/24" ]; # endpoint = "[2a00:6020:48ad:dd00:dea6:32ff:fe85:3306]:51820"; # persistentKeepalive = 25; # } # ]; #}; #wg2 = { # address = [ "10.6.6.4/32" ]; # privateKeyFile = "/etc/wireguard/wg2.privatekey"; # peers = [ # { # publicKey = "nYMmaCIW8lZ7SokivN8HXxYDch+SS1G7ab1SC9meDAw="; # presharedKeyFile = "/etc/wireguard/wg2.presharedkey"; # allowedIPs = [ "10.6.6.1/32" "10.1.1.0/24" ]; # endpoint = "85.88.23.127:51820"; # persistentKeepalive = 16; # } # ]; #}; }; }; }