Refactor public ip handling
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
		| @@ -7,8 +7,6 @@ | ||||
| let | ||||
|   jupiterVpsConfig = inputs.self.nixosConfigurations.jupiter-vps.config; | ||||
|   wireguardPort = jupiterVpsConfig.networking.wireguard.interfaces.wg0.listenPort; | ||||
|   jupiterVpsPublicIPv4 = "51.75.170.190"; | ||||
|   jupiterPublicIPv4 = "51.89.210.124"; | ||||
| in | ||||
| { | ||||
|   sops.secrets."wireguard/client/vps" = { }; | ||||
| @@ -29,21 +27,21 @@ in | ||||
|       { | ||||
|         ips = [ | ||||
|           "10.0.0.2/24" | ||||
|           "${jupiterPublicIPv4}/32" | ||||
|           "${config.networking.publicIPv4}/32" | ||||
|         ]; | ||||
|  | ||||
|         privateKeyFile = config.sops.secrets."wireguard/client/vps".path; | ||||
|  | ||||
|         inherit table; | ||||
|         postSetup = [ "${ip} rule add from ${jupiterPublicIPv4} table ${table}" ]; | ||||
|         postShutdown = [ "${ip} rule del from ${jupiterPublicIPv4} table ${table}" ]; | ||||
|         postSetup = [ "${ip} rule add from ${config.networking.publicIPv4} table ${table}" ]; | ||||
|         postShutdown = [ "${ip} rule del from ${config.networking.publicIPv4} table ${table}" ]; | ||||
|  | ||||
|         peers = [ | ||||
|           { | ||||
|             name = "jupiter-vps"; | ||||
|             allowedIPs = [ "0.0.0.0/0" ]; | ||||
|             publicKey = builtins.readFile "${inputs.secrets}/hosts/jupiter-vps/wireguard_key.pub"; | ||||
|             endpoint = "${jupiterVpsPublicIPv4}:${builtins.toString wireguardPort}"; | ||||
|             endpoint = "${jupiterVpsConfig.networking.publicIPv4}:${builtins.toString wireguardPort}"; | ||||
|             persistentKeepalive = 25; | ||||
|           } | ||||
|         ]; | ||||
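Review bot: `config.networking.publicIPv4` is now spliced unquoted into the `ip rule add` / `ip rule del` command strings in `postSetup` and `postShutdown`, as well as into the `ips` entry and the peer `endpoint`, and no validation of the value is visible in this file. It does not look like a stock NixOS option, so it is presumably declared elsewhere in the repository. If that declaration is a plain `str`, a typo or an empty value would only surface when the interface is brought up, and a failed rule would likely leave traffic sourced from the public address outside the tunnel's routing table. Constraining the option where it is declared, for example `type = lib.types.strMatching "([0-9]{1,3}\\.){3}[0-9]{1,3}";`, would turn that into an evaluation error instead. The attribute set holding these lines starts and ends outside the hunk.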
|   | ||||