From 97469b374600319eb44812eb3e59723bfa57ba1f Mon Sep 17 00:00:00 2001 From: Florian Sesser <florian@privatestorage.io> Date: Tue, 25 May 2021 22:09:52 +0000 Subject: [PATCH] Add docs on how to create VPN keypairs --- morph/grid/local/README.rst | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/morph/grid/local/README.rst b/morph/grid/local/README.rst index 8887c297..0fda5809 100644 --- a/morph/grid/local/README.rst +++ b/morph/grid/local/README.rst @@ -33,8 +33,8 @@ If you run an older Nixpkgs, retrieve and use the latest Vagrant development ver NIX_PATH=nixpkgs=https://github.com/NixOS/nixpkgs/archive/refs/heads/master.tar.gz nix-shell -p vagrant -Generating and deploying keys -````````````````````````````` +Generating keys +``````````````` ``config.json`` has the paths for the Ristretto and the Stripe secret key files. @@ -72,6 +72,16 @@ The ZKAPIssuer.service needs a working TLS certificate and expects it in the cer Move the three .pem files into the payment's server ``/var/lib/letsencrypt/live/payments.localdev/`` directory and issue a ``sudo systemctl restart zkapissuer.service``. +Create Wireguard VPN key pairs in ``PrivateStorageSecrets/monitoringvpn/`` or where you have them:: + + for i in "172.23.23.11" "172.23.23.12" "172.23.23.13" "server"; do + wg genkey | tee ${i}.key | wg pubkey > ${i}.pub + done + +And a shared VPN key for "post-quantum resistance":: + + wg genpsk > preshared.key + Use the local development environment ````````````````````````````````````` -- GitLab