forked from hswaw/hscloud
edge01: deploy kkc wireguard tunnel (never used)
Change-Id: I5f61f00029ac9e86cd4fdcc390d16ec7fa081f51 Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1157 Reviewed-by: q3k <q3k@hackerspace.pl>
This commit is contained in:
parent
848db46bc0
commit
a5b0c13228
1 changed files with 39 additions and 1 deletions
|
@ -58,6 +58,44 @@ in rec {
|
||||||
out = "/var/lib/unbound/rsh.conf";
|
out = "/var/lib/unbound/rsh.conf";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
networking.wireguard.interfaces = {
|
||||||
|
wg-camp = {
|
||||||
|
ips = [
|
||||||
|
"185.236.240.68/31"
|
||||||
|
"2a0d:eb00:2137:1::e/127"
|
||||||
|
];
|
||||||
|
allowedIPsAsRoutes = false;
|
||||||
|
listenPort = 51820;
|
||||||
|
generatePrivateKeyFile = true;
|
||||||
|
privateKeyFile = "/root/camp-wg";
|
||||||
|
peers = [
|
||||||
|
{
|
||||||
|
publicKey = "TbXDHeHwT4/xQ1+l4HH9EzbYUUCU4Pk/r0nsGSw+qUc=";
|
||||||
|
allowedIPs = [
|
||||||
|
"185.236.240.69/32"
|
||||||
|
"185.236.241.0/24"
|
||||||
|
"2a0d:eb00:8007::/48"
|
||||||
|
"2a0d:eb00:2137:1::f/128"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
hscloud.routing.static.v6.camp = {
|
||||||
|
table = "aggregate";
|
||||||
|
address = "2a0d:eb00:8007::";
|
||||||
|
prefixLength = 48;
|
||||||
|
via = "2a0d:eb00:2137:1::f";
|
||||||
|
};
|
||||||
|
hscloud.routing.static.v4.camp = {
|
||||||
|
table = "aggregate";
|
||||||
|
address = "185.236.241.0";
|
||||||
|
prefixLength = 24;
|
||||||
|
via = "185.236.240.69";
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
hscloud.renameInterfaces = {
|
hscloud.renameInterfaces = {
|
||||||
# Link to Nitronet CPE.
|
# Link to Nitronet CPE.
|
||||||
e1-nnet.mac = "ac:1f:6b:1c:d7:ae";
|
e1-nnet.mac = "ac:1f:6b:1c:d7:ae";
|
||||||
|
@ -172,7 +210,7 @@ in rec {
|
||||||
'';
|
'';
|
||||||
hscloud.routing.originate = {
|
hscloud.routing.originate = {
|
||||||
# WAW prefixes, exposed into internet BGP table.
|
# WAW prefixes, exposed into internet BGP table.
|
||||||
v4.waw = { table = "internet"; address = "185.236.240.0"; prefixLength = 24; };
|
v4.waw = { table = "internet"; address = "185.236.240.0"; prefixLength = 23; };
|
||||||
v6.waw = { table = "internet"; address = "2a0d:eb00::"; prefixLength = 32; };
|
v6.waw = { table = "internet"; address = "2a0d:eb00::"; prefixLength = 32; };
|
||||||
|
|
||||||
# Default gateway via us, exposed into aggregated table.
|
# Default gateway via us, exposed into aggregated table.
|
||||||
|
|
Loading…
Reference in a new issue