VEGAS/peering: switch to es-mad-wg-102, es-mad-wg-202
This commit is contained in:
parent
bec93baa5a
commit
cca00a9089
3 changed files with 13 additions and 7 deletions
|
@ -35,22 +35,28 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
interfaces.wgmv-es1 = {
|
interfaces.wgmv = {
|
||||||
ips = [ "10.65.193.152/32" ];
|
ips = [ "10.65.193.152/32" ];
|
||||||
privateKeyFile = config.age.secrets.wireguard-key-wgmv.path;
|
privateKeyFile = config.age.secrets.wireguard-key-wgmv.path;
|
||||||
allowedIPsAsRoutes = false;
|
allowedIPsAsRoutes = false;
|
||||||
peers = [
|
peers = [
|
||||||
# es1-wireguard
|
# es-mad-wg-102
|
||||||
{
|
{
|
||||||
publicKey = "hDflDse0Nz7GsZ0q5uylWOJaJQ6woJPCGy8IvTXKjzo=";
|
publicKey = "1Wo/cQeVHX2q9k95nxN+48lgkGLsPQ+uesRb/9XdY1Y=";
|
||||||
allowedIPs = [ "10.64.0.1/32" "0.0.0.0/0" ];
|
allowedIPs = [ "10.64.0.1/32" "0.0.0.0/0" ];
|
||||||
endpoint = "194.99.104.10:51820";
|
endpoint = "45.134.213.207:51820";
|
||||||
|
}
|
||||||
|
# es-mad-wg-202
|
||||||
|
{
|
||||||
|
publicKey = "iehXacO91FbBqni2IFxedEYPlW2Wvvt9GtRPPPMo9zc=";
|
||||||
|
allowedIPs = [ "10.64.0.1/32" "0.0.0.0/0" ];
|
||||||
|
endpoint = "146.70.128.226:51820";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
networking.interfaces = {
|
networking.interfaces = {
|
||||||
wgmv-es1.ipv4.routes = [
|
wgmv.ipv4.routes = [
|
||||||
{ address = "10.64.0.1"; prefixLength = 32; }
|
{ address = "10.64.0.1"; prefixLength = 32; }
|
||||||
{ address = "10.124.0.0"; prefixLength = 16; }
|
{ address = "10.124.0.0"; prefixLength = 16; }
|
||||||
];
|
];
|
||||||
|
|
|
@ -49,7 +49,7 @@ with tools.nginx;
|
||||||
systemd.services.radarr.serviceConfig.Slice = "mediamanagement.slice";
|
systemd.services.radarr.serviceConfig.Slice = "mediamanagement.slice";
|
||||||
systemd.services.sonarr.serviceConfig.Slice = "mediamanagement.slice";
|
systemd.services.sonarr.serviceConfig.Slice = "mediamanagement.slice";
|
||||||
systemd.services.prowlarr = {
|
systemd.services.prowlarr = {
|
||||||
after = [ "wireguard-wgmv-es1.service" "network-addresses-wgmv-es1.service" ];
|
after = [ "wireguard-wgmv.service" "network-addresses-wgmv.service" ];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Slice = "mediamanagement.slice";
|
Slice = "mediamanagement.slice";
|
||||||
IPAddressDeny = [ "any" ];
|
IPAddressDeny = [ "any" ];
|
||||||
|
|
|
@ -59,5 +59,5 @@ in
|
||||||
services.nginx.virtualHosts."search.${tools.meta.domain}" = lib.recursiveUpdate (tools.nginx.vhosts.proxy links.searxng.url) {
|
services.nginx.virtualHosts."search.${tools.meta.domain}" = lib.recursiveUpdate (tools.nginx.vhosts.proxy links.searxng.url) {
|
||||||
extraConfig = "access_log off;";
|
extraConfig = "access_log off;";
|
||||||
};
|
};
|
||||||
systemd.services.uwsgi.after = [ "wireguard-wgmv-es1.service" "network-addresses-wgmv-es1.service" ];
|
systemd.services.uwsgi.after = [ "wireguard-wgmv.service" "network-addresses-wgmv.service" ];
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue