cray: Update vpn config

2024-02-03 22:47:03 +01:00 · 2024-02-03 22:47:03 +01:00 · eb01c0bae8
commit eb01c0bae8
parent 945e3ec247
3 changed files with 80 additions and 39 deletions
--- a/machines/cray/tunnel-cccda.nix
+++ b/machines/cray/tunnel-cccda.nix
@ -0,0 +1,38 @@
+{
+  systemd.network = {
+    enable = true;
+    netdevs = {
+      "10-wg-cccda" = {
+        netdevConfig = {
+          Kind = "wireguard";
+          MTUBytes = "1300";
+          Name = "wg-cccda";
+        };
+        extraConfig = ''
+          [WireGuard]
+          PrivateKeyFile=/etc/secrets/wireguard-cccda
+          ListenPort=9919
+
+          [WireGuardPeer]
+          PublicKey=4/Ta8Ms2g5UNxjzSY+2khfH9YK45tUbnipH8Np9wGgk=
+          AllowedIPs=192.168.204.0/24,192.168.201.0/24
+          Endpoint=vpn.darmstadt.ccc.de:443
+        '';
+      };
+    };
+    networks = {
+      "40-wg0-cccda".extraConfig = ''
+        [Match]
+        Name=wg-cccda
+
+        [Network]
+        DHCP=no
+        IPv6AcceptRA=false
+
+        [Address]
+        Address=192.168.204.12/24
+      '';
+    };
+  };
+
+}