Remove wireguard interface
This commit is contained in:
parent
943c6f764c
commit
17873ffc4c
2 changed files with 0 additions and 65 deletions
|
@ -1,31 +0,0 @@
|
||||||
private_key: ENC[AES256_GCM,data:HuO60p+jAmsdMbUUF6pcgdsOVW9uU+W1cLn4dvqb9MopCgdukZtRoTwMTFU=,iv:Z1YkYxZBCstfI7aQEhZhT4eGlbjqwQ2VN01Y5HUbO7E=,tag:FXi/mTAiOoYcdXrgKDvt/g==,type:str]
|
|
||||||
preshared_key: ENC[AES256_GCM,data:iFEFO7SMNrLqqpRQF57XSe9+59YdFdTXvP3QKxHkRrOzMRzJqGhi3wrjbAI=,iv:S4OA4GLK8wBkHwtq2Rqo76wxsJd5GJnJMjpPk/zRTAQ=,tag:vZaOaVTOAkuN8HgabOKkyA==,type:str]
|
|
||||||
sops:
|
|
||||||
kms: []
|
|
||||||
gcp_kms: []
|
|
||||||
azure_kv: []
|
|
||||||
hc_vault: []
|
|
||||||
age:
|
|
||||||
- recipient: age15va8dthvmn30ymex0kkrrk034aq25drmsx4mkmf480a8uq4tvcyqw5s4uk
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAycG1rZmpXZTExVEtEZVMz
|
|
||||||
NVBqTkNyQ2Noa1hjMFBDVGxOczRadnVaRWhBCmNFSTVoVlcvbDVXTHRpaFlQVE4y
|
|
||||||
UGZHb1lVWEF2N29hMW5QM1V0UVNteHcKLS0tIG1HM2JRdnVabERGODltS3EyM0U3
|
|
||||||
ei9xcG8wY0FnRzJZUEdqeXAzdWtCM0EKHYGaKJRDJ4OlPlCnGlZBTybpYmUQJ6Kg
|
|
||||||
aZlmeezY8JqpFH3zsXfyWuMZ6j6rs63UXVL7vZ3fEloUXHV7F57gVQ==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
- recipient: age1y06hfa8ctp3tr7g2rukmst4cl064hxaqfsx8w0yq4tgmcrv7qvksct7mnl
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4RFdoTzlTNU9yem1QTWtj
|
|
||||||
UTYxcWcxYXlGeks3TEw5bWtOczdub1lDRjJFCmdiWi9ZMkF3Vk15Y1VrMTBvM3du
|
|
||||||
ZDRpKytaMTRGZ1g3ZHhhNTlxWkYrS3cKLS0tIGhxSUcyWmRCMVp3Q1daZGt1Tk51
|
|
||||||
d3pqdWU4NXVTMGZ5dTkvNnZyYjdvck0Khp1IPBPKelQ41FPqi/uuPFqN7T0bic8+
|
|
||||||
AKld/MUNWxLIZpbqDeXyfJAJVAbgKdk1lrIYpgshOZNV6u/SHAcmzA==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
lastmodified: "2024-04-28T02:47:34Z"
|
|
||||||
mac: ENC[AES256_GCM,data:Zq4M8qr5PPOk+uPx/f3C24D4uTL82C1Cs7c5y66aAgnydR1ro9Pu5//Jj4fSOY59aKgeOGmx0DqV3k+1E6FttNy/8qpzJFCCDlgqB/BPqzJElFQ9FlgdCqoMehu9ETys1SgAhWi8aEZZAYbGKFQ/MX6LCAP2zx8NZ/wkbtUEU3E=,iv:k5RnwFwiEAugD/DTpOSCmSzpZCRzdkpTmOS3PTz44/c=,tag:T7HJFVr6VwzHCWIUD/uwXA==,type:str]
|
|
||||||
pgp: []
|
|
||||||
unencrypted_suffix: _unencrypted
|
|
||||||
version: 3.8.1
|
|
|
@ -17,16 +17,6 @@
|
||||||
|
|
||||||
networking.hostName = "zeus"; # Define your hostname.
|
networking.hostName = "zeus"; # Define your hostname.
|
||||||
networking.hostId = "9e95b576";
|
networking.hostId = "9e95b576";
|
||||||
sops.secrets = {
|
|
||||||
private_key = {
|
|
||||||
sopsFile = ../../secrets/zeus/wireguard.yaml;
|
|
||||||
owner = "systemd-network";
|
|
||||||
};
|
|
||||||
preshared_key = {
|
|
||||||
sopsFile = ../../secrets/zeus/wireguard.yaml;
|
|
||||||
owner = "systemd-network";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
systemd.network.netdevs = {
|
systemd.network.netdevs = {
|
||||||
bond0 = {
|
bond0 = {
|
||||||
netdevConfig = {
|
netdevConfig = {
|
||||||
|
@ -47,25 +37,6 @@
|
||||||
Mode = "bridge";
|
Mode = "bridge";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
wg0 = {
|
|
||||||
netdevConfig = {
|
|
||||||
Name = "wg0";
|
|
||||||
Kind = "wireguard";
|
|
||||||
};
|
|
||||||
wireguardConfig = {
|
|
||||||
PrivateKeyFile = config.sops.secrets.private_key.path;
|
|
||||||
ListenPort = 51821;
|
|
||||||
};
|
|
||||||
wireguardPeers = [{
|
|
||||||
wireguardPeerConfig = {
|
|
||||||
PublicKey = "ZT+n0XONAZ6dkiIJR+2bmTT9y7WTxDNdnZo5S7b8vxE=";
|
|
||||||
AllowedIPs = [ "10.98.0.0/31" ];
|
|
||||||
PresharedKeyFile = config.sops.secrets.preshared_key.path;
|
|
||||||
PersistentKeepalive = 25;
|
|
||||||
Endpoint = "remote.kow.is:51821";
|
|
||||||
};
|
|
||||||
}];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
systemd.network.networks = {
|
systemd.network.networks = {
|
||||||
"00-bondage" = {
|
"00-bondage" = {
|
||||||
|
@ -83,10 +54,6 @@
|
||||||
domains = [ "icanttype.org" ];
|
domains = [ "icanttype.org" ];
|
||||||
gateway = [ "10.42.69.1" ];
|
gateway = [ "10.42.69.1" ];
|
||||||
};
|
};
|
||||||
wg0 = {
|
|
||||||
name = "wg0";
|
|
||||||
address = [ "10.98.0.0/31" "fd72:3dd5:21ae:ff1a::1/64" ];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
@ -270,7 +237,6 @@
|
||||||
dive
|
dive
|
||||||
podman-tui
|
podman-tui
|
||||||
docker-compose
|
docker-compose
|
||||||
wireguard-tools
|
|
||||||
];
|
];
|
||||||
|
|
||||||
services.samba.enable = true;
|
services.samba.enable = true;
|
||||||
|
|
Loading…
Reference in a new issue