VSinerva/nixos-conf
1
0
Fork 0
Code Activity Actions

Transition to new opnsense setup

Browse source
This commit is contained in:
Vili Sinervä 2025-02-19 03:40:26 +02:00
parent c32ff9713e
commit a53995840e
No known key found for this signature in database
GPG key ID: DF8FEAF54EFAC996
2 changed files with 8 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

15
machine-confs/helium.nix
View file

@ -6,12 +6,9 @@
wg-quick.interfaces = { wg-quick.interfaces = {
wg0 = { wg0 = {
autostart = true; autostart = true;
address = [ address = [ "2001:14ba:a090:39f0::2/64" ];
"fd08:d473:bcca:f0::2/64"
"2001:14ba:a08c:2df0::2/64"
];
dns = [ dns = [
"fd08:d473:bcca::1" "2001:14ba:a090:39f0::1"
"vsinerva.fi" "vsinerva.fi"
]; ];
privateKeyFile = "/root/wireguard-keys/privatekey-home"; privateKeyFile = "/root/wireguard-keys/privatekey-home";
@ -21,11 +18,7 @@
{ {
publicKey = "f9QoYPxyaxylUcOI9cE9fE9DJoEX4c6GUtr4p+rsd34="; publicKey = "f9QoYPxyaxylUcOI9cE9fE9DJoEX4c6GUtr4p+rsd34=";
presharedKeyFile = "/root/wireguard-keys/psk-home"; presharedKeyFile = "/root/wireguard-keys/psk-home";
allowedIPs = [ allowedIPs = [ "::/0" ];
"fd08:d473:bcca::/64"
"fd08:d473:bcca:f0::/64"
"::/0"
];
endpoint = "wg.vsinerva.fi:51820"; endpoint = "wg.vsinerva.fi:51820";
} }
]; ];
@ -57,7 +50,7 @@
}; };
services.clatd = { services.clatd = {
enable = true; enable = true;
settings.clat-v6-addr = "2001:14ba:a08c:2df0::f2"; settings.clat-v6-addr = "2001:14ba:a090:39f0::c2";
}; };
systemd.services.clatd.wants = [ "wg-quick-wg0.service" ]; systemd.services.clatd.wants = [ "wg-quick-wg0.service" ];

15
machine-confs/lithium.nix
View file

@ -6,12 +6,9 @@
wg-quick.interfaces = { wg-quick.interfaces = {
wg0 = { wg0 = {
autostart = true; autostart = true;
address = [ address = [ "2001:14ba:a090:39f0::3/64" ];
"fd08:d473:bcca:f0::3/64"
"2001:14ba:a08c:2df0::3/64"
];
dns = [ dns = [
"fd08:d473:bcca::1" "2001:14ba:a090:39f0::1"
"vsinerva.fi" "vsinerva.fi"
]; ];
privateKeyFile = "/root/wireguard-keys/privatekey-home"; privateKeyFile = "/root/wireguard-keys/privatekey-home";
@ -21,11 +18,7 @@
{ {
publicKey = "f9QoYPxyaxylUcOI9cE9fE9DJoEX4c6GUtr4p+rsd34="; publicKey = "f9QoYPxyaxylUcOI9cE9fE9DJoEX4c6GUtr4p+rsd34=";
presharedKeyFile = "/root/wireguard-keys/psk-home"; presharedKeyFile = "/root/wireguard-keys/psk-home";
allowedIPs = [ allowedIPs = [ "::/0" ];
"fd08:d473:bcca::/64"
"fd08:d473:bcca:f0::/64"
"::/0"
];
endpoint = "wg.vsinerva.fi:51820"; endpoint = "wg.vsinerva.fi:51820";
} }
]; ];
@ -39,7 +32,7 @@
}; };
services.clatd = { services.clatd = {
enable = true; enable = true;
settings.clat-v6-addr = "2001:14ba:a08c:2df0::f3"; settings.clat-v6-addr = "2001:14ba:a090:39f0::c3";
}; };
systemd.services.clatd.wants = [ "wg-quick-wg0.service" ]; systemd.services.clatd.wants = [ "wg-quick-wg0.service" ];