privatevoid.net/depot
1
1
Fork 0
Code Issues 23 Pull requests 2 Projects 3 Releases Packages Wiki Activity Actions

VEGAS/peering: switch to es-mad-wg-102, es-mad-wg-202

Browse source
This commit is contained in:
Max Headroom 2022-12-28 18:59:59 +01:00
parent bec93baa5a
commit cca00a9089
3 changed files with 13 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
hosts/VEGAS/services/backbone-routing/peering.nix
View file

@ -35,22 +35,28 @@
} }
]; ];
}; };
interfaces.wgmv-es1 = { interfaces.wgmv = {
ips = [ "10.65.193.152/32" ]; ips = [ "10.65.193.152/32" ];
privateKeyFile = config.age.secrets.wireguard-key-wgmv.path; privateKeyFile = config.age.secrets.wireguard-key-wgmv.path;
allowedIPsAsRoutes = false; allowedIPsAsRoutes = false;
peers = [ peers = [
# es1-wireguard # es-mad-wg-102
{ {
publicKey = "hDflDse0Nz7GsZ0q5uylWOJaJQ6woJPCGy8IvTXKjzo="; publicKey = "1Wo/cQeVHX2q9k95nxN+48lgkGLsPQ+uesRb/9XdY1Y=";
allowedIPs = [ "10.64.0.1/32" "0.0.0.0/0" ]; allowedIPs = [ "10.64.0.1/32" "0.0.0.0/0" ];
endpoint = "194.99.104.10:51820"; endpoint = "45.134.213.207:51820";
}
# es-mad-wg-202
{
publicKey = "iehXacO91FbBqni2IFxedEYPlW2Wvvt9GtRPPPMo9zc=";
allowedIPs = [ "10.64.0.1/32" "0.0.0.0/0" ];
endpoint = "146.70.128.226:51820";
} }
]; ];
}; };
}; };
networking.interfaces = { networking.interfaces = {
wgmv-es1.ipv4.routes = [ wgmv.ipv4.routes = [
{ address = "10.64.0.1"; prefixLength = 32; } { address = "10.64.0.1"; prefixLength = 32; }
{ address = "10.124.0.0"; prefixLength = 16; } { address = "10.124.0.0"; prefixLength = 16; }
]; ];

2
hosts/VEGAS/services/fbi/default.nix
View file

@ -49,7 +49,7 @@ with tools.nginx;
systemd.services.radarr.serviceConfig.Slice = "mediamanagement.slice"; systemd.services.radarr.serviceConfig.Slice = "mediamanagement.slice";
systemd.services.sonarr.serviceConfig.Slice = "mediamanagement.slice"; systemd.services.sonarr.serviceConfig.Slice = "mediamanagement.slice";
systemd.services.prowlarr = { systemd.services.prowlarr = {
after = [ "wireguard-wgmv-es1.service" "network-addresses-wgmv-es1.service" ]; after = [ "wireguard-wgmv.service" "network-addresses-wgmv.service" ];
serviceConfig = { serviceConfig = {
Slice = "mediamanagement.slice"; Slice = "mediamanagement.slice";
IPAddressDeny = [ "any" ]; IPAddressDeny = [ "any" ];

2
hosts/VEGAS/services/searxng/default.nix
View file

@ -59,5 +59,5 @@ in
services.nginx.virtualHosts."search.${tools.meta.domain}" = lib.recursiveUpdate (tools.nginx.vhosts.proxy links.searxng.url) { services.nginx.virtualHosts."search.${tools.meta.domain}" = lib.recursiveUpdate (tools.nginx.vhosts.proxy links.searxng.url) {
extraConfig = "access_log off;"; extraConfig = "access_log off;";
}; };
systemd.services.uwsgi.after = [ "wireguard-wgmv-es1.service" "network-addresses-wgmv-es1.service" ]; systemd.services.uwsgi.after = [ "wireguard-wgmv.service" "network-addresses-wgmv.service" ];
} }