This commit is contained in:
parent
39fd67c416
commit
aa4e19f25b
5 changed files with 9 additions and 26 deletions
|
@ -9,9 +9,7 @@
|
||||||
}:
|
}:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||||
(modulesPath + "/installer/scan/not-detected.nix")
|
|
||||||
];
|
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
initrd = {
|
initrd = {
|
||||||
|
@ -42,9 +40,7 @@
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [
|
swapDevices = [ { device = "/dev/disk/by-uuid/6518c729-a0cb-41b4-acc8-ec219d0afba6"; } ];
|
||||||
{ device = "/dev/disk/by-uuid/6518c729-a0cb-41b4-acc8-ec219d0afba6"; }
|
|
||||||
];
|
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
|
|
|
@ -14,9 +14,7 @@ let
|
||||||
{
|
{
|
||||||
Endpoint = "129.199.146.230:1194";
|
Endpoint = "129.199.146.230:1194";
|
||||||
PersistentKeepalive = 25;
|
PersistentKeepalive = 25;
|
||||||
AllowedIPs = [
|
AllowedIPs = [ "fdaa::${prefix}:0/64" ];
|
||||||
"fdaa::${prefix}:0/64"
|
|
||||||
];
|
|
||||||
PublicKey = peer.key;
|
PublicKey = peer.key;
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
|
@ -28,9 +26,7 @@ in
|
||||||
networks = {
|
networks = {
|
||||||
"50-wg-mgmt" = {
|
"50-wg-mgmt" = {
|
||||||
name = "wg-mgmt";
|
name = "wg-mgmt";
|
||||||
address = [
|
address = [ "fdaa::${lib.toHexString (dgn-keys.getVpnKey "wg-mgmt" name).id}/64" ];
|
||||||
"fdaa::${lib.toHexString (dgn-keys.getVpnKey "wg-mgmt" name).id}/64"
|
|
||||||
];
|
|
||||||
routes = [
|
routes = [
|
||||||
{
|
{
|
||||||
Destination = "fdaa::/64";
|
Destination = "fdaa::/64";
|
||||||
|
|
|
@ -12,9 +12,7 @@ let
|
||||||
peer = dgn-keys.getVpnKey "wg-mgmt" peerName;
|
peer = dgn-keys.getVpnKey "wg-mgmt" peerName;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
AllowedIPs = [
|
AllowedIPs = [ "fdaa::${prefix}:${lib.toHexString peer.id}/32" ];
|
||||||
"fdaa::${prefix}:${lib.toHexString peer.id}/32"
|
|
||||||
];
|
|
||||||
PublicKey = peer.key;
|
PublicKey = peer.key;
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
|
@ -26,9 +24,7 @@ in
|
||||||
networks = {
|
networks = {
|
||||||
"50-wg-mgmt" = {
|
"50-wg-mgmt" = {
|
||||||
name = "wg-mgmt";
|
name = "wg-mgmt";
|
||||||
address = [
|
address = [ "fdaa::${lib.toHexString (dgn-keys.getVpnKey "wg-mgmt" name).id}/64" ];
|
||||||
"fdaa::${lib.toHexString (dgn-keys.getVpnKey "wg-mgmt" name).id}/64"
|
|
||||||
];
|
|
||||||
routes = [
|
routes = [
|
||||||
{
|
{
|
||||||
Destination = "fdaa::/64";
|
Destination = "fdaa::/64";
|
||||||
|
|
|
@ -1,2 +1 @@
|
||||||
{
|
{ }
|
||||||
}
|
|
||||||
|
|
|
@ -89,18 +89,14 @@ in
|
||||||
name = "20-ens${builtins.toString (20 + i)}";
|
name = "20-ens${builtins.toString (20 + i)}";
|
||||||
value = {
|
value = {
|
||||||
name = "ens${builtins.toString (20 + i)}";
|
name = "ens${builtins.toString (20 + i)}";
|
||||||
address = [
|
address = [ "fdfd:1794:0:${builtins.toString vlan}::${builtins.toString cfg.id}/64" ];
|
||||||
"fdfd:1794:0:${builtins.toString vlan}::${builtins.toString cfg.id}/64"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
}) cfg.connections
|
}) cfg.connections
|
||||||
)
|
)
|
||||||
// {
|
// {
|
||||||
"20-babel-local" = {
|
"20-babel-local" = {
|
||||||
name = "babel-local";
|
name = "babel-local";
|
||||||
address = [
|
address = [ "fdfd:1794::${builtins.toString cfg.id}/64" ];
|
||||||
"fdfd:1794::${builtins.toString cfg.id}/64"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
netdevs = {
|
netdevs = {
|
||||||
|
|
Loading…
Reference in a new issue