diff --git a/morph/grid/local/README.rst b/morph/grid/local/README.rst index 8887c297bc0e2aa300e27f86ff7a0f08535028a5..0fda58096559a53e0e1091e8f6f138e8c1cc0db8 100644 --- a/morph/grid/local/README.rst +++ b/morph/grid/local/README.rst @@ -33,8 +33,8 @@ If you run an older Nixpkgs, retrieve and use the latest Vagrant development ver NIX_PATH=nixpkgs=https://github.com/NixOS/nixpkgs/archive/refs/heads/master.tar.gz nix-shell -p vagrant -Generating and deploying keys -````````````````````````````` +Generating keys +``````````````` ``config.json`` has the paths for the Ristretto and the Stripe secret key files. @@ -72,6 +72,16 @@ The ZKAPIssuer.service needs a working TLS certificate and expects it in the cer Move the three .pem files into the payment's server ``/var/lib/letsencrypt/live/payments.localdev/`` directory and issue a ``sudo systemctl restart zkapissuer.service``. +Create Wireguard VPN key pairs in ``PrivateStorageSecrets/monitoringvpn/`` or where you have them:: + + for i in "172.23.23.11" "172.23.23.12" "172.23.23.13" "server"; do + wg genkey | tee ${i}.key | wg pubkey > ${i}.pub + done + +And a shared VPN key for "post-quantum resistance":: + + wg genpsk > preshared.key + Use the local development environment `````````````````````````````````````