From f3656eff50b73dc7937b0e3b07fbde3189f3e122 Mon Sep 17 00:00:00 2001
From: Florian Sesser <florian@privatestorage.io>
Date: Sat, 15 May 2021 01:02:00 +0000
Subject: [PATCH] WIP

---
 morph/lib/make-issuer.nix               | 5 ++---
 nixos/modules/monitoring/vpn/client.nix | 1 +
 nixos/modules/monitoring/vpn/server.nix | 6 +++---
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/morph/lib/make-issuer.nix b/morph/lib/make-issuer.nix
index 1365277e..5d0c32b6 100644
--- a/morph/lib/make-issuer.nix
+++ b/morph/lib/make-issuer.nix
@@ -63,9 +63,8 @@
 
   services.private-storage.monitoring.vpn.client = {
     enable = true;
-    privateKeyFile = "/var/secrets/monitoringvpn/client.key";
+    privateKeyFile = /var/secrets/monitoringvpn/client.key;
     ips = ["172.23.23.11/24"];
-    allowedIPs = ["172.23.23.1/32"];
-    endpointPublicKeyFile = "/home/flo/Repositories/PrivateStorageio/morph/PrivateStorageSecrets/monitoringvpn/server.pub";
+    endpointPublicKeyFile = /home/flo/Repositories/PrivateStorageio/morph/PrivateStorageSecrets/monitoringvpn/server.pub;
   };
 }
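Review bot: Switching `privateKeyFile` to a bare Nix path literal makes the key's safety depend on how the client module consumes it. A path value that is string-interpolated (`"${cfg.privateKeyFile}"`) is copied into the world-readable Nix store, and it is read from the machine that evaluates the configuration, not from the target host. server.nix in this patch wraps its key in `toString`, which keeps the value a plain path string; client.nix's handling is not visible here, so confirm it does the same or keep the quoted form for the private key. Separately, `endpointPublicKeyFile` still points into `/home/flo/...`, which only evaluates on one workstation; a path relative to the repository would be safer to carry past WIP.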
diff --git a/nixos/modules/monitoring/vpn/client.nix b/nixos/modules/monitoring/vpn/client.nix
index 897d8e09..4ee5ed4e 100644
--- a/nixos/modules/monitoring/vpn/client.nix
+++ b/nixos/modules/monitoring/vpn/client.nix
@@ -24,6 +24,7 @@ in {
     allowedIPs = lib.mkOption {
       type = lib.types.listOf lib.types.str;
       example = lib.literalExample [ "172.23.23.1/32" ];
+      default = [ "172.23.23.1/32" ];
       description = ''
         Limits which IPs this client receives data from.
       '';
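Review bot: The new `default` bakes one deployment's monitoring-server address into the generic client module, and the description still covers only the receive side. In WireGuard, `allowedIPs` also selects which destinations are routed to the peer, so the text should say both, for example `Source addresses accepted from the server and destinations routed to it through the tunnel; defaults to the monitoring server's VPN address.` The option block continues outside the hunk.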
diff --git a/nixos/modules/monitoring/vpn/server.nix b/nixos/modules/monitoring/vpn/server.nix
index 93c5c0d9..8670dca8 100644
--- a/nixos/modules/monitoring/vpn/server.nix
+++ b/nixos/modules/monitoring/vpn/server.nix
@@ -24,7 +24,7 @@ in {
     };
     ips = lib.mkOption {
       type = lib.types.listOf lib.types.str;
-      example = lib.literalExample [ "172.23.23.10/24" ];
+      example = lib.literalExample [ "172.23.23.1/24" ];
       description = ''
         The IP addresses of the interface.
         See https://github.com/NixOS/nixpkgs/blob/nixos-20.09/nixos/modules/services/networking/wireguard.nix .
@@ -49,11 +49,11 @@ in {
       privateKeyFile = toString cfg.server.privateKeyFile;
       peers = [
         { # node1
-          allowedIPs = [ "192.168.42.21/32" ];
+          allowedIPs = [ "172.23.23.11/32" ];
           publicKey = "tZ295cvD98ixt/VH4dwPKNgHf9MuhuzsossOWBOOoGU=";
         }
         { # node2
-          allowedIPs = [ "192.168.42.22/32" ];
+          allowedIPs = [ "172.23.23.12/32" ];
           publicKey = "zDxWTejJDXRRmUiMZPC7eVSCDdyFikN9VI6cqapQ6RY=";
         }
       ];
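Review bot: The peer addresses and public keys stay hard-coded in the module body while each client's address is set separately through `ips` (node1's `172.23.23.11/24` in make-issuer.nix), so the two sides have to be kept in step by hand. WireGuard drops packets whose source falls outside a peer's `allowedIPs`, and that failure is silent. Keeping each peer at `/32` is the right scope. Consider exposing the peer list as an option on `cfg.server`, or at least adding a comment such as `# must match the client's ips in morph/lib/make-issuer.nix`. The enclosing interface definition starts and ends outside the hunk.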
-- 
GitLab