Skip to content
Snippets Groups Projects
Commit f3656eff authored by Florian Sesser's avatar Florian Sesser
Browse files

WIP

parent e6dc3541
Branches
No related tags found
No related merge requests found
......@@ -63,9 +63,8 @@
services.private-storage.monitoring.vpn.client = {
enable = true;
privateKeyFile = "/var/secrets/monitoringvpn/client.key";
privateKeyFile = /var/secrets/monitoringvpn/client.key;
ips = ["172.23.23.11/24"];
allowedIPs = ["172.23.23.1/32"];
endpointPublicKeyFile = "/home/flo/Repositories/PrivateStorageio/morph/PrivateStorageSecrets/monitoringvpn/server.pub";
endpointPublicKeyFile = /home/flo/Repositories/PrivateStorageio/morph/PrivateStorageSecrets/monitoringvpn/server.pub;
};
}
......@@ -24,6 +24,7 @@ in {
allowedIPs = lib.mkOption {
type = lib.types.listOf lib.types.str;
example = lib.literalExample [ "172.23.23.1/32" ];
default = [ "172.23.23.1/32" ];
description = ''
Limits which IPs this client receives data from.
'';
......
......@@ -24,7 +24,7 @@ in {
};
ips = lib.mkOption {
type = lib.types.listOf lib.types.str;
example = lib.literalExample [ "172.23.23.10/24" ];
example = lib.literalExample [ "172.23.23.1/24" ];
description = ''
The IP addresses of the interface.
See https://github.com/NixOS/nixpkgs/blob/nixos-20.09/nixos/modules/services/networking/wireguard.nix .
......@@ -49,11 +49,11 @@ in {
privateKeyFile = toString cfg.server.privateKeyFile;
peers = [
{ # node1
allowedIPs = [ "192.168.42.21/32" ];
allowedIPs = [ "172.23.23.11/32" ];
publicKey = "tZ295cvD98ixt/VH4dwPKNgHf9MuhuzsossOWBOOoGU=";
}
{ # node2
allowedIPs = [ "192.168.42.22/32" ];
allowedIPs = [ "172.23.23.12/32" ];
publicKey = "zDxWTejJDXRRmUiMZPC7eVSCDdyFikN9VI6cqapQ6RY=";
}
];
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment