0xa/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

add proxy network

Browse source
This commit is contained in:
Grisha Shipunov 2025-01-11 18:45:55 +01:00
parent 33225c4ce4
commit ee7d6d4141
3 changed files with 34 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
modules/wg/default.nix
View file

@ -6,5 +6,6 @@
./options.nix ./options.nix
# networks # networks
./mgmt.nix ./mgmt.nix
./proxy.nix
]; ];
} }

30
modules/wg/proxy.nix Normal file
View file

@ -0,0 +1,30 @@
{ config, ... }:
{
oxalab.wg = [
{
networkName = "0xa-proxy";
CIDRs = [
"10.89.88.0/24"
"fd31:185d:722f::/48"
];
hosts = {
"cloud" = {
address = [
"10.89.88.1/24"
"fd31:185d:722f::1/48"
];
publicKey = "XdUqSz0W6aqJET/9wNwoRyR8mgPs2dRWm+ijNwzEyE0=";
privateKeyFile = config.sops.secrets."wg/0xa-proxy".path;
endpoint = {
enable = true;
endpoint = "188.245.196.27";
port = 51821;
publicIface = "enp1s0";
};
};
};
}
];
}

5
secrets/cloud/secrets.yaml
View file

@ -1,5 +1,6 @@
wg: wg:
0xa-mgmt: ENC[AES256_GCM,data:Xbeo+c8F+0JcTEE/LICWH4tEiqyGwCJ7JJZhkWxNFgKC9hVD6t3sPDWcJ2U=,iv:B0cbrPHdr+eA6FebKL/UrJpE06yOi+nUeyZ7x+Y65go=,tag:yTgVkzSKVhYyNPauVdNZxg==,type:str] 0xa-mgmt: ENC[AES256_GCM,data:Xbeo+c8F+0JcTEE/LICWH4tEiqyGwCJ7JJZhkWxNFgKC9hVD6t3sPDWcJ2U=,iv:B0cbrPHdr+eA6FebKL/UrJpE06yOi+nUeyZ7x+Y65go=,tag:yTgVkzSKVhYyNPauVdNZxg==,type:str]
0xa-proxy: ENC[AES256_GCM,data:LAcfaMPF4IHPtWSUMH2OK/Ez2Ec3YBdtYUiRtu1ApWmww7IdnDze9inl5L4=,iv:NnNzSPfUqQFDoo21LRrlnuLZMzN2uIBBu85wlzOzrd4=,tag:U2Ama40ONwIlEO+hwJymbA==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -15,8 +16,8 @@ sops:
aC9tSTVrY0RFcys0LzZONXhhczNjckEK+3E6zeUkyikrZUD8WFkwWgldVfOez51y aC9tSTVrY0RFcys0LzZONXhhczNjckEK+3E6zeUkyikrZUD8WFkwWgldVfOez51y
EgDsxxynkRx7nX8ASne7pdP6e26hooVsrS2oWW45JXpuKkn0ELv7Xg== EgDsxxynkRx7nX8ASne7pdP6e26hooVsrS2oWW45JXpuKkn0ELv7Xg==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-11T01:27:03Z" lastmodified: "2025-01-11T17:28:20Z"
mac: ENC[AES256_GCM,data:Uhi21S5zPjX4+qUR/2hgWj+07TsKKFhNh4fcFBL+EObZAxh02Wry1ktGnXafEhp8xVSgOGxon6DMvM7iZxQXe7NPv2aC2UeOjOzPTOTqHUe810xY6R/NhVOqOTqg8IhgvLiSihUXtBLU2Mynx/mfFfXNsLCWLmGiwg9pZHub9YU=,iv:ztZ8q/woGI9ZYsPc8c0QgpFda0AC9R8vHOtxc2i7Hmk=,tag:1f7AHxKKuPTuhiM5cfjClQ==,type:str] mac: ENC[AES256_GCM,data:ihAoc4uJ6hjsUCVYbI1fzVoC1JfkMWGJYW4xE3AcKxdpkHqgvI/yLNY/awNTDowv5Cy3Ubw/dkocgszf1WThMLDkhWoZNWP1CcYtHp8Kc9moSnPxDutGXGVmCC30jTfG8DqmR0evtgBp4oqriW3trlHHuDyVGhYZeiplW4o9L1A=,iv:ggmE88UwdnKJn46fp81Mw7q56s2nGDssFwIrqCnfIRQ=,tag:Ejrmg/+hbAWbzXoygNJUpQ==,type:str]
pgp: pgp:
- created_at: "2025-01-11T01:25:31Z" - created_at: "2025-01-11T01:25:31Z"
enc: |- enc: |-