Make datakami vpn

nixos/machines/blackadder/default.nix

@@ -42,7 +42,7 @@ in
 
     mickey = {
       isNormalUser = true;
-      openssh.authorizedKeys.keys = sshkeys.mickey;
+      openssh.authorizedKeys.keys = sshkeys.mickey ++ sshkeys.bram;
       packages = with pkgs; [
         git cmake gnumake gcc python3 python3.pkgs.pip screen vim
       ];

nixos/roles/workstation.nix

@@ -45,7 +45,7 @@
   # git
   boot.kernel.sysctl."fs.inotify.max_user_watches" = 1024000000;
 
-  yorick.lumi-vpn.enable = true;
+  yorick.lumi-vpn.enable = false;
   yorick.lumi-cache.enable = true;
 
   security.rtkit.enable = true;
@@ -115,4 +115,16 @@
   services.pcscd.enable = true;
   services.xserver.gdk-pixbuf.modulePackages = [ pkgs.webp-pixbuf-loader ];
   hardware.ledger.enable = true;
+
+  networking.wireguard.interfaces.wg-dk = {
+    privateKeyFile =
+      "/home/yorick/datakami/infra/keys/wg.yorick.key";
+    ips = [ "10.100.0.4/32" ];
+    peers = [{
+      publicKey = "teCEYc4KWT6rGchNOp6sIFO0jmkhwTjv6reOzGscAm8=";
+      endpoint = "dk-1.datakami.nl:51820";
+      allowedIPs = [ "10.100.0.0/24" ];
+      persistentKeepalive = 25;
+    }];
+  };
 }