2configs: clanCore -> clan.core

This commit is contained in:
makefu 2024-08-30 21:33:33 +02:00
parent 785a51ad63
commit 0767f51cda
No known key found for this signature in database
GPG key ID: 36F7711F3FC0F225
7 changed files with 11 additions and 11 deletions

View file

@ -1,8 +1,8 @@
{ config, ... }:
# back up all state
let
sshkey = config.sops.secrets."${config.clanCore.machineName}-borg.priv".path;
phrase = config.sops.secrets."${config.clanCore.machineName}-borg.pw".path;
sshkey = config.sops.secrets."${config.clan.core.machineName}-borg.priv".path;
phrase = config.sops.secrets."${config.clan.core.machineName}-borg.pw".path;
in
{
services.borgbackup.jobs.state = {

View file

@ -1,6 +1,6 @@
{ config, ... }: {
services.openssh.hostKeys = [
{ bits = 4096; path = config.sops.secrets."${config.clanCore.machineName}-ssh_host_rsa_key".path; type = "rsa"; }
{ path = config.sops.secrets."${config.clanCore.machineName}-ssh_host_ed25519_key".path; type = "ed25519"; } ];
{ bits = 4096; path = config.sops.secrets."${config.clan.core.machineName}-ssh_host_rsa_key".path; type = "rsa"; }
{ path = config.sops.secrets."${config.clan.core.machineName}-ssh_host_ed25519_key".path; type = "ed25519"; } ];
}

View file

@ -20,8 +20,8 @@ in {
x.id = "ETMOWBT-XOYB7LJ-J4OKD7U-WHBEAP5-MPAHKXM-O4GGRKM-WERF7R4-MRS7EAU"; # override config for x
omo.id = "Y5OTK3S-JOJLAUU-KTBXKUW-M7S5UEQ-MMQPUK2-7CXO5V6-NOUDLKP-PRGAFAK";
};
key = config.sops.secrets."${config.clanCore.machineName}-syncthing.key".path;
cert = config.sops.secrets."${config.clanCore.machineName}-syncthing.cert".path;
key = config.sops.secrets."${config.clan.core.machineName}-syncthing.key".path;
cert = config.sops.secrets."${config.clan.core.machineName}-syncthing.cert".path;
};
};
boot.kernel.sysctl."fs.inotify.max_user_watches" = 524288;

View file

@ -12,8 +12,8 @@
LocalDiscovery = no
''}
'';
privkey = config.sops.secrets."${config.clanCore.machineName}-retiolum.rsa_key.priv".path;
privkey_ed25519 = config.sops.secrets."${config.clanCore.machineName}-retiolum.ed25519_key.priv".path;
privkey = config.sops.secrets."${config.clan.core.machineName}-retiolum.rsa_key.priv".path;
privkey_ed25519 = config.sops.secrets."${config.clan.core.machineName}-retiolum.ed25519_key.priv".path;
};
environment.systemPackages = [ pkgs.tinc ];
networking.firewall.allowedTCPPorts = [ config.krebs.build.host.nets.retiolum.tinc.port ];

View file

@ -22,7 +22,7 @@ in { # wireguard server
networking.wireguard.interfaces.wg0 = {
ips = [ "10.244.0.1/24" ];
listenPort = 51820;
privateKeyFile = config.sops.secrets."${config.clanCore.machineName}-wireguard.key".path;
privateKeyFile = config.sops.secrets."${config.clan.core.machineName}-wireguard.key".path;
# allowedIPsAsRoutes = true;
postSetup = ''
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.244.0.0/24 -o ${ext-if} -j MASQUERADE

View file

@ -25,7 +25,7 @@ in mkIf (hasAttr "wiregrill" config.krebs.build.host.nets) {
(optional (!isNull self.ip4) self.ip4.addr) ++
(optional (!isNull self.ip6) self.ip6.addr);
listenPort = self.wireguard.port;
privateKeyFile = config.sops.secrets."${config.clanCore.machineName}-wiregrill.key".path;
privateKeyFile = config.sops.secrets."${config.clan.core.machineName}-wiregrill.key".path;
allowedIPsAsRoutes = true;
peers = let
host = config.krebs.hosts.gum;

View file

@ -85,7 +85,7 @@ in mkIf (hasAttr "wiregrill" config.krebs.build.host.nets) {
(optional (!isNull self.ip4) self.ip4.addr) ++
(optional (!isNull self.ip6) self.ip6.addr);
listenPort = self.wireguard.port;
privateKeyFile = config.sops.secrets."${config.clanCore.machineName}-wiregrill.key".path;
privateKeyFile = config.sops.secrets."${config.clan.core.machineName}-wiregrill.key".path;
allowedIPsAsRoutes = true;
peers = mapAttrsToList
(_: host: {