Pin tunnel ips

Move porter to another location
2021-02-03 18:50:17 +01:00 · 2021-02-03 18:46:20 +01:00
3 changed files with 16 additions and 16 deletions
--- a/hosts/carbon/configuration.nix
+++ b/hosts/carbon/configuration.nix
@ -68,7 +68,7 @@
      ips = [ "fe80::138:2/64" "169.254.138.2/24" ];
      peers = [ {
          allowedIPs = [ "0.0.0.0/0" "::/0" ];
-          endpoint = "188.34.158.206:50138";
+          endpoint = "5.45.100.191:50138";
          publicKey = "aP6optNE7nVk6coo+USkSDtB62rAc/isfofRML9V2HM=";
          persistentKeepalive = 25;
      } ];
--- a/hosts/porter/configuration.nix
+++ b/hosts/porter/configuration.nix
@ -25,15 +25,15 @@
    { address = "10.152.0.1"; prefixLength = 32; } # Anycast
  ];
  # Network
-  networking.interfaces.ens3.ipv4.addresses = [ { address = "188.34.158.206"; prefixLength = 32; } ];
+  networking.interfaces.ens3.ipv4.addresses = [ { address = "5.45.100.191"; prefixLength = 22; } ];
-  networking.interfaces.ens3.ipv6.addresses = [ { address = "2a01:4f8:c010:4c92::1"; prefixLength = 64; } ];
+  networking.interfaces.ens3.ipv6.addresses = [ { address = "2a03:4000:6:48d::1"; prefixLength = 64; } ];
-  networking.defaultGateway = { address = "172.31.1.1"; interface = "ens3"; };
+  networking.defaultGateway = { address = "5.45.100.1"; interface = "ens3"; };
  networking.defaultGateway6 = { address = "fe80::1"; interface = "ens3"; };
-  networking.nameservers = [ "213.133.98.98" "213.133.99.99" "213.133.100.100" ];
+  networking.nameservers = [ "46.38.255.230" "46.38.252.230" ];
  networking.wireguard.enable = true;
  networking.wireguard.interfaces = {
-    wg-carbon = {
+    wg-carbon4 = {
      ips = [ "fe80::138:1/64" "169.254.138.1/24" ];
      peers = [ {
          allowedIPs = [ "0.0.0.0/0" "::/0" ];
@ -41,18 +41,18 @@
      } ];
      listenPort = 50138;
      allowedIPsAsRoutes = false;
-      privateKeyFile = "/var/src/secrets/wireguard/wg-carbon";
+      privateKeyFile = "/var/src/secrets/wireguard/wg-carbon4";
    };
-    wg-nonat = {
+    wg-nonat6 = {
      ips = [ "fe80::1337:1/64" "169.254.137.1/24" ];
      peers = [ {
          allowedIPs = [ "0.0.0.0/0" "::/0" ];
-          endpoint = "nonat.net.clerie.de:51337";
+          endpoint = "[2001:638:904:ffca::6]:51337";
          publicKey = "Z5HltUKBSOzePqZCJjSsJPZ3UxGjFR4a5Vxmm+ePNRk=";
      } ];
      listenPort = 51337;
      allowedIPsAsRoutes = false;
-      privateKeyFile = "/var/src/secrets/wireguard/wg-nonat";
+      privateKeyFile = "/var/src/secrets/wireguard/wg-nonat6";
    };
  };
@ -112,11 +112,11 @@
      export all;
    };
    area 0 {
-      interface "wg-carbon" {
+      interface "wg-carbon4" {
        cost 80;
        type pointopoint;
      };
-      interface "wg-nonat" {
+      interface "wg-nonat6" {
        cost 80;
        type pointopoint;
      };
@ -130,11 +130,11 @@
      export all;
    };
    area 0 {
-      interface "wg-carbon" {
+      interface "wg-carbon4" {
        cost 80;
        type pointopoint;
      };
-      interface "wg-nonat" {
+      interface "wg-nonat6" {
        cost 80;
        type pointopoint;
      };
--- a/hosts/porter/hardware-configuration.nix
+++ b/hosts/porter/hardware-configuration.nix
@ -8,13 +8,13 @@
    [ (modulesPath + "/profiles/qemu-guest.nix")
    ];
-  boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "xhci_pci" "sd_mod" "sr_mod" ];
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ ];
  boot.extraModulePackages = [ ];
  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/d3f901b2-9c2c-4956-938a-2057455107a0";
+    { device = "/dev/disk/by-uuid/5cff6266-2474-41e5-9861-6c18ee05a796";
      fsType = "ext4";
    };
Author	SHA1	Message	Date
clerie	e64e66ecd2	Pin tunnel ips	2021-02-03 18:50:17 +01:00
clerie	6fa28acff8	Move porter to another location	2021-02-03 18:46:20 +01:00