secrets: add wireguard peers
This commit is contained in:
parent
8b069ab820
commit
2523b764bd
|
@ -1,4 +1,4 @@
|
|||
{ lib, ... }:
|
||||
{ lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
|
@ -42,5 +42,7 @@ else {
|
|||
ambroisie.hashedPassword = fileContents ./users/ambroisie/password.txt;
|
||||
root.hashedPassword = fileContents ./users/root/password.txt;
|
||||
};
|
||||
|
||||
wireguard = pkgs.callPackage ./wireguard { };
|
||||
};
|
||||
}
|
||||
|
|
1
secrets/wireguard/.gitattributes
vendored
Normal file
1
secrets/wireguard/.gitattributes
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
/default.nix filter diff
|
BIN
secrets/wireguard/aramis/public.key
Normal file
BIN
secrets/wireguard/aramis/public.key
Normal file
Binary file not shown.
BIN
secrets/wireguard/aramis/secret.key
Normal file
BIN
secrets/wireguard/aramis/secret.key
Normal file
Binary file not shown.
30
secrets/wireguard/default.nix
Normal file
30
secrets/wireguard/default.nix
Normal file
|
@ -0,0 +1,30 @@
|
|||
{ lib, ... }:
|
||||
let
|
||||
peerSpec = {
|
||||
# "Server"
|
||||
porthos = {
|
||||
clientNum = 1;
|
||||
externalIp = "91.121.177.163";
|
||||
};
|
||||
|
||||
# "Clients"
|
||||
aramis = {
|
||||
clientNum = 2;
|
||||
};
|
||||
|
||||
richelieu = {
|
||||
clientNum = 3;
|
||||
};
|
||||
};
|
||||
|
||||
makePeer = name: attrs: with lib; {
|
||||
inherit (attrs) clientNum;
|
||||
publicKey = fileContents (./. + "/${name}/public.key");
|
||||
privateKey = fileContents (./. + "/${name}/secret.key");
|
||||
} // optionalAttrs (attrs ? externalIp) {
|
||||
inherit (attrs) externalIp;
|
||||
};
|
||||
in
|
||||
{
|
||||
peers = builtins.mapAttrs makePeer peerSpec;
|
||||
}
|
BIN
secrets/wireguard/porthos/public.key
Normal file
BIN
secrets/wireguard/porthos/public.key
Normal file
Binary file not shown.
BIN
secrets/wireguard/porthos/secret.key
Normal file
BIN
secrets/wireguard/porthos/secret.key
Normal file
Binary file not shown.
BIN
secrets/wireguard/richelieu/public.key
Normal file
BIN
secrets/wireguard/richelieu/public.key
Normal file
Binary file not shown.
BIN
secrets/wireguard/richelieu/secret.key
Normal file
BIN
secrets/wireguard/richelieu/secret.key
Normal file
Binary file not shown.
Loading…
Reference in a new issue