the VM on the synology was reinstalled

All the secrets were re-keyed.

4 files changed, 23 insertions, 7 deletions

diff --git a/machines/nixos/x86_64-linux/argonath.nix b/machines/nixos/x86_64-linux/argonath.nix
index a67054a..218df5a 100644
--- a/machines/nixos/x86_64-linux/argonath.nix
+++ b/machines/nixos/x86_64-linux/argonath.nix
@@ -31,6 +31,12 @@
       privateKeyFile = config.age.secrets.wireguard.path;
       peers = [
         {
+          # bree
+          publicKey = "bJZyQoemudGJQox8Iegebm23c4BNVIxRPy1kmI2l904=";
+          allowedIPs = [ "10.100.0.40/32" ];
+          persistentKeepalive = 25;
+        }
+        {
           # rivendell
           publicKey = "jf7T7TMKQWSgSXhUplldZDV9G2y2BjMmHIAhg5d26ng=";
           allowedIPs = [ "10.100.0.60/32" ];
diff --git a/machines/nixos/x86_64-linux/bree.nix b/machines/nixos/x86_64-linux/bree.nix
index 7c8a661..7296077 100644
--- a/machines/nixos/x86_64-linux/bree.nix
+++ b/machines/nixos/x86_64-linux/bree.nix
@@ -9,6 +9,7 @@
     ../../../profiles/cgroups.nix
     ../../../profiles/defaults.nix
     ../../../profiles/disk/basic-vm.nix
+    ../../../profiles/hardware/synology-vm.nix
     ../../../profiles/home-manager.nix
     ../../../profiles/server.nix
   ];
diff --git a/machines/nixos/x86_64-linux/iso.nix b/machines/nixos/x86_64-linux/iso.nix
index e914571..89acbf7 100644
--- a/machines/nixos/x86_64-linux/iso.nix
+++ b/machines/nixos/x86_64-linux/iso.nix
@@ -4,18 +4,20 @@
   imports = [
     "${modulesPath}/installer/cd-dvd/channel.nix"
     "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
-    {
-      home-manager.users.${adminUser.name} = {
-        imports = [
-          { home.stateVersion = "25.05"; }
-        ];
-      };
-    }
+    ../../../profiles/home-manager.nix
   ];
 
   boot.loader.grub.efiSupport = true;
   boot.loader.grub.efiInstallAsRemovable = true;
   boot.loader.grub.device = "nodev";
 
+  home-manager = {
+    users.${adminUser.name} = {
+      imports = [
+        ../../../home/profiles/minimal.nix
+      ];
+    };
+  };
+
   system.stateVersion = "25.05"; # Did you read the comment?
 }
diff --git a/machines/nixos/x86_64-linux/rivendell.nix b/machines/nixos/x86_64-linux/rivendell.nix
index 8e8ab20..bd7d01b 100644
--- a/machines/nixos/x86_64-linux/rivendell.nix
+++ b/machines/nixos/x86_64-linux/rivendell.nix
@@ -54,6 +54,13 @@
       privateKeyFile = config.age.secrets.wireguard.path;
       peers = [
         {
+          # bree
+          publicKey = "bJZyQoemudGJQox8Iegebm23c4BNVIxRPy1kmI2l904=";
+          allowedIPs = [ "10.100.0.40/32" ];
+          persistentKeepalive = 25;
+          endpoint = "192.168.1.50:51871";
+        }
+        {
           # argonath
           publicKey = "vTItDh9YPnA+8hL1kIK+7EHv0ol3qvhfAfz790miw1w=";
           allowedIPs = [ "10.100.0.51/32" ];