services/backbone-routing: add Mullvad connection

This commit is contained in:
Max Headroom 2022-05-26 18:09:26 +02:00
parent 70dcacf828
commit 349bd0d307
3 changed files with 37 additions and 0 deletions

View file

@ -11,6 +11,12 @@
group = "root";
mode = "0400";
};
age.secrets.wireguard-key-wgmv = {
file = ../../../../secrets/wireguard-key-wgmv.age;
owner = "root";
group = "root";
mode = "0400";
};
networking.wireguard = {
enable = true;
@ -29,5 +35,24 @@
}
];
};
interfaces.wgmv-es7 = {
ips = [ "10.66.207.76/32" ];
privateKeyFile = config.age.secrets.wireguard-key-wgmv.path;
allowedIPsAsRoutes = false;
peers = [
# es7-wireguard
{
publicKey = "azJb0GofbDjSh2KTPReEeVdB8QVs4QC7E57P7MC7dQg=";
allowedIPs = [ "10.64.0.1/32" "0.0.0.0/0" ];
endpoint = "45.134.213.207:51820";
}
];
};
};
networking.interfaces = {
wgmv-es7.ipv4.routes = [
{ address = "10.64.0.1"; prefixLength = 32; }
{ address = "10.124.0.0"; prefixLength = 16; }
];
};
}

View file

@ -43,4 +43,5 @@ in with hosts;
"synapse-turn.age".publicKeys = max ++ map systemKeys [ VEGAS ];
"wireguard-key-storm-VEGAS.age".publicKeys = max ++ map systemKeys [ VEGAS ];
"wireguard-key-wgautobahn.age".publicKeys = max ++ map systemKeys [ VEGAS ];
"wireguard-key-wgmv.age".publicKeys = max ++ map systemKeys [ VEGAS ];
}

View file

@ -0,0 +1,11 @@
age-encryption.org/v1
-> ssh-ed25519 NO562A eC6bEAR5fxQ1U2tBNdYVBPLBM7rDcFYDDZd1oWtb1Hw
/Efcbzyc8I8SaJW/wh9Lzamp0ZB7jAKxJh73/X+Jy5A
-> ssh-ed25519 5/zT0w J5P8XAcREK8elnqhkfTW+rbd2NrMOT2yJBj0QyxCRDE
jwEJkHJBUTyiailTw6+Z3BytiiGEYtb26b1R+qcnXD8
-> ssh-ed25519 d3WGuA Xc11x0GvIVePn9SsMYc/LT17/JbDGHrSz+gekxvwcgI
1j/dFaRlYVjpdbdHKnnhrmxqUh6YjJbsYV3hZg2I50M
-> Z-grease PGM
XPF0DZ6AXL4QrteN
--- 4MLtCMJYBipDGb9zfTUopTQThvfYP+mMv+B7UzMGx/k
ꇇ”²³ÕÑ×|µ7yöÀêsh÷@:03ÿV§[÷¸Q1™ßL"Ò<>fUÔs*Oº“è#8êÍ ÆÐó_\*£bX9­üÝm