From 0dfc013122c63071763f9e8aa849e8a9b10e2285 Mon Sep 17 00:00:00 2001 From: clerie Date: Tue, 10 Jun 2025 23:08:38 +0200 Subject: [PATCH] hosts/dn42-il-gw1: Add peer AS4242421718 --- hosts/dn42-il-gw1/configuration.nix | 24 ++++++++++++++++++++++++ hosts/dn42-il-gw1/secrets.json | 13 +++++-------- 2 files changed, 29 insertions(+), 8 deletions(-) diff --git a/hosts/dn42-il-gw1/configuration.nix b/hosts/dn42-il-gw1/configuration.nix index 57acbb5..970165b 100644 --- a/hosts/dn42-il-gw1/configuration.nix +++ b/hosts/dn42-il-gw1/configuration.nix @@ -140,6 +140,23 @@ ]; privateKeyFile = config.sops.secrets.wg4719.path; }; + # zaphyra + wg1718 = { + ips = [ + "fe80::2574/128" + # peer fe80::6b61/64 + ]; + listenPort = 51718; + allowedIPsAsRoutes = false; + peers = [ + { + allowedIPs = [ "fe80::/10" "fd00::/8" ]; + endpoint = "router-a.dn42.zaphyra.eu:51831"; + publicKey = "Knm6uEpMsTfZAK68Pl98mHORtb8TtswBfYFGznpHUCI="; + } + ]; + privateKeyFile = config.sops.secrets.wg1718.path; + }; }; profiles.clerie.dn42-router = { @@ -198,6 +215,13 @@ remoteAsn = "64719"; localAddress = "fe80::1"; } + { + peerName = "peer_1718"; + remoteAddress = "fe80::6b61"; + interfaceName = "wg1718"; + remoteAsn = "4242421718"; + localAddress = "fe80::2574"; + } ]; }; diff --git a/hosts/dn42-il-gw1/secrets.json b/hosts/dn42-il-gw1/secrets.json index f80b21e..7290601 100644 --- a/hosts/dn42-il-gw1/secrets.json +++ b/hosts/dn42-il-gw1/secrets.json @@ -5,21 +5,18 @@ "wg1272": "ENC[AES256_GCM,data:LU6jtNkNn2Xs+0OH8cD1HJnbHsNNnqlY83lDFa11/dHwVgdFxMtDXMqIMEc=,iv:/A8rWGR6jExa4ms7jTYC0eZVGCvlKw1I58Co41gw3TU=,tag:tIBRkQzFFpEEzflnDrpcOA==,type:str]", "wg1280": "ENC[AES256_GCM,data:F4KLY6jiZNl52ko32nM0iTER0DyHvaCSmxeYAKB0MLUD8l9u1Ugk6kYZnUc=,iv:XcaxnvxM1kE/ahNFX+BH7Jmr9q2Py1vHHqOjFUqs5O8=,tag:a1up4gGFqyHz2lmDRJl3bA==,type:str]", "wg1302": "ENC[AES256_GCM,data:+MzuBPg3ql0/MEnpVvhQTsPIkKB9xnHN9Fk4VlZwK4ijKl+26d6oTSM7/R0=,iv:bPPmhenQLaKTGaDo4rBlKkrXrS1YysRuntbKq6zi2aQ=,tag:lztaTfDGT4kAq+HZMLl0Dw==,type:str]", + "wg1718": "ENC[AES256_GCM,data:lB+j2O15O7ogdB+QdutD3V/h8IREMMlpCsnMJWNPXlz196KM6WNNYCV2v5M=,iv:AwrRPQIFu8A14Vs5A9slkCPMkgU3VZxL1YupJnriEHc=,tag:Vpt0C6SFzUXGotdfc1ocmg==,type:str]", "wg4719": "ENC[AES256_GCM,data:hoOOCUGdYFaAQZ6wkgmQl65M1qArvXa826IeJl+BUGf7UX0vxx9J0C2epTE=,iv:+1JcOgzClehkE0Ihd2mmoenPk51OBZMF0bMqapWah/c=,tag:xI5FU+GJU6BER9/n04ccLA==,type:str]", "wg-monitoring": "ENC[AES256_GCM,data:aw11Ygfll6llabXkuxtbTcCn1eb4NZX1IwArcXoRJCJSgwDrQZ3HLatov3w=,iv:J2VD5XS+BrIKeFb0NW1UYZUuGPkbjFmooZ93PVK31gw=,tag:2XLSa/2s6LRq3L7UdrTs/g==,type:str]", "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, "age": [ { "recipient": "age1f0hscql4f4w7vyukzeu693xfedsl596dpjekc23q77ylp92zsvcqf9u75t", "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3QWdFYjFjTmRVRlV3U3p4\nTSsyc1E0dWtiYjNtVkV2SXJEWkxnTDhLN1Y0Cng4aGlidjhydUVGaFcvK215aGdq\nN0FGajYwa1lPUCsva0tmNkErUGtlOWsKLS0tIG9pLzJEUDA2WWUzd1kzSVZrdVRX\nbUxjQzBCd3p0R1dWTTJaRmZNQjJEUVkKPz6OUQHpYrhRxMdQzpZRR3exVqkG2JvX\nI32PwvbeQK8cgpYwKLGar8U8aiPPm0Y64pID1wedDsNZzLqLOrS3wQ==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2024-04-28T09:28:04Z", - "mac": "ENC[AES256_GCM,data:PHdhyie0Ya/nN9Kqj4z+zPyyKZFvGkznkv8Uf3LNSdPKWVtXARZc8Xodm4MjI2HvooryyyMFHkW75Aln02Rlvk3R8oI7rfFZC7s2P+LotumsYgRFf0JOUMxsxOtKW0ehuLy83Bw0rMJQo1gzTgBykcvdc2pkMmALF/vU/1VqgJ4=,iv:0JwcY0Q+8VAiVHYjynhcpsobQXOkK8EBe3QUJ8YUwFE=,tag:9xAcoxAPGxTvHVBydf3u9Q==,type:str]", + "lastmodified": "2025-06-10T20:51:10Z", + "mac": "ENC[AES256_GCM,data:9lF4HV0oJyGHXdtYdMxR7+ev7JLAQVr6kE55nLoZcrbC92MHJzQpgM9XAhIynvwdAmC7ARd3orCn6eYkQJDdNX0JjMtebsBE+H4B7mEUCz8wtTN0iHS+oHmQxrqjnoSw2uHh9udgqAJa+sd6VGU3t2XUuuKtVHPwzROqVgvas9M=,iv:KT+BlFeXGZQc5pbBX+XOsmKEydUtir1LuPvseDkFeqw=,tag:hlRskY6b5EAZkUYs7ph/JA==,type:str]", "pgp": [ { "created_at": "2024-04-28T09:25:37Z", @@ -28,6 +25,6 @@ } ], "unencrypted_suffix": "_unencrypted", - "version": "3.8.1" + "version": "3.10.2" } -} \ No newline at end of file +}