diff options
| author | Franck Cuny <franck@fcuny.net> | 2026-01-03 08:34:27 -0800 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2026-01-03 08:34:27 -0800 |
| commit | 1880125b7c35f2823a45baa5b4a8e3f8764729b8 (patch) | |
| tree | c1ca8dabc83cf7c4fc2207ac3208d90ecb78289a | |
| parent | fix (diff) | |
| download | infra-1880125b7c35f2823a45baa5b4a8e3f8764729b8.tar.gz | |
simplify wireguard public key settings
Diffstat (limited to '')
| -rw-r--r-- | machines/argonath.nix | 2 | ||||
| -rw-r--r-- | machines/bree.nix | 2 | ||||
| -rw-r--r-- | machines/rivendell.nix | 2 | ||||
| -rw-r--r-- | modules/host-config.nix | 4 | ||||
| -rw-r--r-- | profiles/wireguard.nix | 13 |
5 files changed, 19 insertions, 4 deletions
diff --git a/machines/argonath.nix b/machines/argonath.nix index 1677600..748ba78 100644 --- a/machines/argonath.nix +++ b/machines/argonath.nix @@ -15,6 +15,8 @@ networking.hostName = "argonath"; + wgPublicKey = "vTItDh9YPnA+8hL1kIK+7EHv0ol3qvhfAfz790miw1w="; + age.secrets.acme-cloudflare-env.file = ../secrets/acme-cloudflare-env.age; system.stateVersion = "25.05"; # Did you read the comment? diff --git a/machines/bree.nix b/machines/bree.nix index a76252f..f20d612 100644 --- a/machines/bree.nix +++ b/machines/bree.nix @@ -21,6 +21,8 @@ networking.useDHCP = lib.mkDefault true; systemd.network.wait-online.anyInterface = lib.mkDefault config.networking.useDHCP; + wgPublicKey = "bJZyQoemudGJQox8Iegebm23c4BNVIxRPy1kmI2l904="; + age.secrets.disk-unlock-key.file = ../secrets/bree/disk-unlock-key.age; age.secrets.disk-passphrase.file = ../secrets/bree/disk-passphrase.age; diff --git a/machines/rivendell.nix b/machines/rivendell.nix index f1e1dd5..7d51604 100644 --- a/machines/rivendell.nix +++ b/machines/rivendell.nix @@ -34,6 +34,8 @@ networking.useDHCP = lib.mkDefault true; systemd.network.wait-online.anyInterface = lib.mkDefault config.networking.useDHCP; + wgPublicKey = "jf7T7TMKQWSgSXhUplldZDV9G2y2BjMmHIAhg5d26ng="; + services = { website = { enable = true; diff --git a/modules/host-config.nix b/modules/host-config.nix index 5bb5e94..7aa4ecb 100644 --- a/modules/host-config.nix +++ b/modules/host-config.nix @@ -5,5 +5,9 @@ type = lib.types.attrs; default = { }; }; + wgPublicKey = lib.mkOption { + type = lib.types.nullOr lib.types.str; + default = null; + }; }; } diff --git a/profiles/wireguard.nix b/profiles/wireguard.nix index a080693..9c9b134 100644 --- a/profiles/wireguard.nix +++ b/profiles/wireguard.nix @@ -1,20 +1,25 @@ -{ config, lib, ... }: +{ + config, + lib, + hostConfigurations, + ... +}: let wgHosts = { bree = { ip = 40; - publicKey = "bJZyQoemudGJQox8Iegebm23c4BNVIxRPy1kmI2l904="; + publicKey = hostConfigurations.bree.wgPublicKey; endpoint = "192.168.1.50"; }; argonath = { ip = 51; - publicKey = "vTItDh9YPnA+8hL1kIK+7EHv0ol3qvhfAfz790miw1w="; + publicKey = hostConfigurations.argonath.wgPublicKey; endpoint = "157.230.146.234"; }; rivendell = { ip = 60; - publicKey = "jf7T7TMKQWSgSXhUplldZDV9G2y2BjMmHIAhg5d26ng="; + publicKey = hostConfigurations.rivendell.wgPublicKey; endpoint = "192.168.1.114"; }; }; |