add s2s wireguard

2022-09-10 10:27:48 +02:00 · 2022-09-10 10:27:48 +02:00 · 1ee95b1f9c
parent fc55c0addc
commit 1ee95b1f9c
2 changed files with 35 additions and 0 deletions
--- a/list-nix-store.sh
+++ b/list-nix-store.sh
@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+# Small utility to replace `nix path-info --all`
+set -euo pipefail
+
+for file in /nix/store/*; do
+  case "$file" in
+  *.drv)
+    # Avoid .drv as they are not generally useful
+    continue
+    ;;
+  *.drv.chroot)
+    # Avoid .drv.chroot as they are not generally useful
+    continue
+    ;;
+  *.check)
+    # Skip .check file produced by --keep-failed
+    continue
+    ;;
+  *.lock)
+    # Skip .lock files
+    continue
+    ;;
+  *)
+    echo "$file"
+    ;;
+  esac
+done
--- a/nixos/hosts/olympus/wireguard/configuration.nix
+++ b/nixos/hosts/olympus/wireguard/configuration.nix
@ -60,6 +60,14 @@ let vs = config.vault-secrets.secrets; in
        publicKey = "L8myt2bcdja7M+i+9eatdQRW8relPUoZZ9lEKSLe+m8=";
        allowedIPs = [ "10.100.0.4/32" ];
      }
+      {
+        # Aerdenhout
+        # Useful setup video for opnsense: https://www.youtube.com/watch?v=RoXHe5dqCM0
+        # https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html
+        publicKey = "KgqLhmUMX6kyTjRoa/GOCrZOvXNE5HWYuOr/T3v8/VI=";
+        allowedIPs = [ "10.100.0.5/32" "192.168.0.0/23" "10.10.10.0/24"];
+        endpoint = "80.60.83.220:51820";
+      }
    ];
  };
 }