1
0

Compare commits

..

2 Commits

Author SHA1 Message Date
e64e66ecd2 Pin tunnel ips 2021-02-03 18:50:17 +01:00
6fa28acff8 Move porter to another location 2021-02-03 18:46:20 +01:00
3 changed files with 16 additions and 16 deletions

View File

@ -68,7 +68,7 @@
ips = [ "fe80::138:2/64" "169.254.138.2/24" ];
peers = [ {
allowedIPs = [ "0.0.0.0/0" "::/0" ];
endpoint = "188.34.158.206:50138";
endpoint = "5.45.100.191:50138";
publicKey = "aP6optNE7nVk6coo+USkSDtB62rAc/isfofRML9V2HM=";
persistentKeepalive = 25;
} ];

View File

@ -25,15 +25,15 @@
{ address = "10.152.0.1"; prefixLength = 32; } # Anycast
];
# Network
networking.interfaces.ens3.ipv4.addresses = [ { address = "188.34.158.206"; prefixLength = 32; } ];
networking.interfaces.ens3.ipv6.addresses = [ { address = "2a01:4f8:c010:4c92::1"; prefixLength = 64; } ];
networking.defaultGateway = { address = "172.31.1.1"; interface = "ens3"; };
networking.interfaces.ens3.ipv4.addresses = [ { address = "5.45.100.191"; prefixLength = 22; } ];
networking.interfaces.ens3.ipv6.addresses = [ { address = "2a03:4000:6:48d::1"; prefixLength = 64; } ];
networking.defaultGateway = { address = "5.45.100.1"; interface = "ens3"; };
networking.defaultGateway6 = { address = "fe80::1"; interface = "ens3"; };
networking.nameservers = [ "213.133.98.98" "213.133.99.99" "213.133.100.100" ];
networking.nameservers = [ "46.38.255.230" "46.38.252.230" ];
networking.wireguard.enable = true;
networking.wireguard.interfaces = {
wg-carbon = {
wg-carbon4 = {
ips = [ "fe80::138:1/64" "169.254.138.1/24" ];
peers = [ {
allowedIPs = [ "0.0.0.0/0" "::/0" ];
@ -41,18 +41,18 @@
} ];
listenPort = 50138;
allowedIPsAsRoutes = false;
privateKeyFile = "/var/src/secrets/wireguard/wg-carbon";
privateKeyFile = "/var/src/secrets/wireguard/wg-carbon4";
};
wg-nonat = {
wg-nonat6 = {
ips = [ "fe80::1337:1/64" "169.254.137.1/24" ];
peers = [ {
allowedIPs = [ "0.0.0.0/0" "::/0" ];
endpoint = "nonat.net.clerie.de:51337";
endpoint = "[2001:638:904:ffca::6]:51337";
publicKey = "Z5HltUKBSOzePqZCJjSsJPZ3UxGjFR4a5Vxmm+ePNRk=";
} ];
listenPort = 51337;
allowedIPsAsRoutes = false;
privateKeyFile = "/var/src/secrets/wireguard/wg-nonat";
privateKeyFile = "/var/src/secrets/wireguard/wg-nonat6";
};
};
@ -112,11 +112,11 @@
export all;
};
area 0 {
interface "wg-carbon" {
interface "wg-carbon4" {
cost 80;
type pointopoint;
};
interface "wg-nonat" {
interface "wg-nonat6" {
cost 80;
type pointopoint;
};
@ -130,11 +130,11 @@
export all;
};
area 0 {
interface "wg-carbon" {
interface "wg-carbon4" {
cost 80;
type pointopoint;
};
interface "wg-nonat" {
interface "wg-nonat6" {
cost 80;
type pointopoint;
};

View File

@ -8,13 +8,13 @@
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "xhci_pci" "sd_mod" "sr_mod" ];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/d3f901b2-9c2c-4956-938a-2057455107a0";
{ device = "/dev/disk/by-uuid/5cff6266-2474-41e5-9861-6c18ee05a796";
fsType = "ext4";
};