From cca00a90898ad29d9c7fdee6b89b8088f93d38c1 Mon Sep 17 00:00:00 2001 From: Max Date: Wed, 28 Dec 2022 18:59:59 +0100 Subject: [PATCH] VEGAS/peering: switch to es-mad-wg-102, es-mad-wg-202 --- .../VEGAS/services/backbone-routing/peering.nix | 16 +++++++++++----- hosts/VEGAS/services/fbi/default.nix | 2 +- hosts/VEGAS/services/searxng/default.nix | 2 +- 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/hosts/VEGAS/services/backbone-routing/peering.nix b/hosts/VEGAS/services/backbone-routing/peering.nix index ba948a1..135847e 100644 --- a/hosts/VEGAS/services/backbone-routing/peering.nix +++ b/hosts/VEGAS/services/backbone-routing/peering.nix @@ -35,22 +35,28 @@ } ]; }; - interfaces.wgmv-es1 = { + interfaces.wgmv = { ips = [ "10.65.193.152/32" ]; privateKeyFile = config.age.secrets.wireguard-key-wgmv.path; allowedIPsAsRoutes = false; peers = [ - # es1-wireguard + # es-mad-wg-102 { - publicKey = "hDflDse0Nz7GsZ0q5uylWOJaJQ6woJPCGy8IvTXKjzo="; + publicKey = "1Wo/cQeVHX2q9k95nxN+48lgkGLsPQ+uesRb/9XdY1Y="; allowedIPs = [ "10.64.0.1/32" "0.0.0.0/0" ]; - endpoint = "194.99.104.10:51820"; + endpoint = "45.134.213.207:51820"; + } + # es-mad-wg-202 + { + publicKey = "iehXacO91FbBqni2IFxedEYPlW2Wvvt9GtRPPPMo9zc="; + allowedIPs = [ "10.64.0.1/32" "0.0.0.0/0" ]; + endpoint = "146.70.128.226:51820"; } ]; }; }; networking.interfaces = { - wgmv-es1.ipv4.routes = [ + wgmv.ipv4.routes = [ { address = "10.64.0.1"; prefixLength = 32; } { address = "10.124.0.0"; prefixLength = 16; } ]; diff --git a/hosts/VEGAS/services/fbi/default.nix b/hosts/VEGAS/services/fbi/default.nix index 74f7755..ce9626e 100644 --- a/hosts/VEGAS/services/fbi/default.nix +++ b/hosts/VEGAS/services/fbi/default.nix @@ -49,7 +49,7 @@ with tools.nginx; systemd.services.radarr.serviceConfig.Slice = "mediamanagement.slice"; systemd.services.sonarr.serviceConfig.Slice = "mediamanagement.slice"; systemd.services.prowlarr = { - after = [ "wireguard-wgmv-es1.service" "network-addresses-wgmv-es1.service" ]; + after = [ "wireguard-wgmv.service" "network-addresses-wgmv.service" ]; serviceConfig = { Slice = "mediamanagement.slice"; IPAddressDeny = [ "any" ]; diff --git a/hosts/VEGAS/services/searxng/default.nix b/hosts/VEGAS/services/searxng/default.nix index 1f86979..6d53ba3 100644 --- a/hosts/VEGAS/services/searxng/default.nix +++ b/hosts/VEGAS/services/searxng/default.nix @@ -59,5 +59,5 @@ in services.nginx.virtualHosts."search.${tools.meta.domain}" = lib.recursiveUpdate (tools.nginx.vhosts.proxy links.searxng.url) { extraConfig = "access_log off;"; }; - systemd.services.uwsgi.after = [ "wireguard-wgmv-es1.service" "network-addresses-wgmv-es1.service" ]; + systemd.services.uwsgi.after = [ "wireguard-wgmv.service" "network-addresses-wgmv.service" ]; }