From fb42564cb0b43a4e47cf59fcced481b46f35feb1 Mon Sep 17 00:00:00 2001
From: clerie <git@clerie.de>
Date: Wed, 9 Dec 2020 19:06:34 +0100
Subject: [PATCH] Add peer perflyst

---
 hosts/dn42-il-gw1/configuration.nix | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/hosts/dn42-il-gw1/configuration.nix b/hosts/dn42-il-gw1/configuration.nix
index 0857afb..70a2ea0 100644
--- a/hosts/dn42-il-gw1/configuration.nix
+++ b/hosts/dn42-il-gw1/configuration.nix
@@ -131,6 +131,27 @@
       ];
       privateKeyFile = "/var/src/secrets/wireguard/wg1280";
     };
+    # perflyst
+    wg1302 = {
+      ips = [
+        "fe80::a14e/128"
+        # peer fe80::a14d/128
+      ];
+      postSetup = ''
+      ip -6 route flush dev wg1302
+      ip addr del dev wg1302 fe80::a14e/128 && ip addr add dev wg1302 fe80::a14e/128 peer fe80::a14d/128
+      '';
+      listenPort = 51302;
+      allowedIPsAsRoutes = false;
+      peers = [
+        {
+          allowedIPs = [ "fe80::/10" "fd00::/8" ];
+          endpoint = "[2a03:4000:6:f6ed::1]:22574";
+          publicKey = "TSPvvpMY8dCFk6gd58aYtkibtqUn8EzIF6dXP52b3y8=";
+        }
+      ];
+      privateKeyFile = "/var/src/secrets/wireguard/wg1302";
+    };
   };
 
   petabyte.policyrouting = {
@@ -275,6 +296,11 @@
   	source address fde3:4c0d:2836:ff00::21;
   }
 
+  protocol bgp peer_1302 from bgp_peer {
+  	neighbor fe80::a14d%wg1302 as 4242421302;
+  	source address fe80::a14e;
+  }
+
   protocol device {
           scan time 10;
   }