From 945576120e69443d54fb309a346c7e615b7300be Mon Sep 17 00:00:00 2001 From: Yorick van Pelt Date: Wed, 24 Apr 2024 16:57:50 +0200 Subject: [PATCH] Make datakami vpn --- nixos/machines/blackadder/default.nix | 2 +- nixos/roles/workstation.nix | 14 +++++++++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/nixos/machines/blackadder/default.nix b/nixos/machines/blackadder/default.nix index bf7c7f6..17a8430 100644 --- a/nixos/machines/blackadder/default.nix +++ b/nixos/machines/blackadder/default.nix @@ -42,7 +42,7 @@ in mickey = { isNormalUser = true; - openssh.authorizedKeys.keys = sshkeys.mickey; + openssh.authorizedKeys.keys = sshkeys.mickey ++ sshkeys.bram; packages = with pkgs; [ git cmake gnumake gcc python3 python3.pkgs.pip screen vim ]; diff --git a/nixos/roles/workstation.nix b/nixos/roles/workstation.nix index 17a4afe..677641d 100644 --- a/nixos/roles/workstation.nix +++ b/nixos/roles/workstation.nix @@ -45,7 +45,7 @@ # git boot.kernel.sysctl."fs.inotify.max_user_watches" = 1024000000; - yorick.lumi-vpn.enable = true; + yorick.lumi-vpn.enable = false; yorick.lumi-cache.enable = true; security.rtkit.enable = true; @@ -115,4 +115,16 @@ services.pcscd.enable = true; services.xserver.gdk-pixbuf.modulePackages = [ pkgs.webp-pixbuf-loader ]; hardware.ledger.enable = true; + + networking.wireguard.interfaces.wg-dk = { + privateKeyFile = + "/home/yorick/datakami/infra/keys/wg.yorick.key"; + ips = [ "10.100.0.4/32" ]; + peers = [{ + publicKey = "teCEYc4KWT6rGchNOp6sIFO0jmkhwTjv6reOzGscAm8="; + endpoint = "dk-1.datakami.nl:51820"; + allowedIPs = [ "10.100.0.0/24" ]; + persistentKeepalive = 25; + }]; + }; }