From 7eb54d5293655d58094a9a91e1be2ba8934b929c Mon Sep 17 00:00:00 2001 From: Asmir A Date: Mon, 22 Apr 2024 18:10:24 +0200 Subject: [PATCH] magpie: add workstation wg --- common/secrets/wg_preshared.yaml | 5 +++-- magpie/configuration.nix | 5 +++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/common/secrets/wg_preshared.yaml b/common/secrets/wg_preshared.yaml index 31af8ba..8120580 100644 --- a/common/secrets/wg_preshared.yaml +++ b/common/secrets/wg_preshared.yaml @@ -1,6 +1,7 @@ wg_preshared: nixy: ENC[AES256_GCM,data:kP+Vt48NMpdBSGjpWzzxt+nqxPNXrofV4kLwgU4o62riB9rxU1CZ4Ddr17k=,iv:xCqR/rbGrJYBkxOpsAg1qxxEGXRD+577JGTNDqshcOQ=,tag:9rAdg6Zw6kVzLxwF1U+pNg==,type:str] mediabox: ENC[AES256_GCM,data:BL9vCUE6wWtmTNPMCvJNZjiAMUWRmLLHOk73v1Z8EOJWcsZ5G3U+08TxBBg=,iv:XTZnF2kMVurTD+TPL0T7uDDu1gGjOdO7AWHXsZS5yO8=,tag:6RIAsbe0Ue4MX28VxzbPCg==,type:str] + workstation: ENC[AES256_GCM,data:x60PMdgihMjtvQagphdO0uft7LLU2grdgeTrO5oSRiqOtb23P5S5SxDQ3Js=,iv:CB8QldIZ8/FjbcAkLxekygUo5luHig7FnH7wyrgZEuk=,tag:E3XWxPH5/fHyFmGimQ4tLg==,type:str] sops: kms: [] gcp_kms: [] @@ -34,8 +35,8 @@ sops: eDhXVWo2UHVCaFUrak9aVEU5N0FxRVEKDKBpbHWwTkW3BFAXQ213/glZyTz88OjZ JHh0phDzFZG0+nzBz3TAi0ZyYnlbOYAuEvQh1uUg9MI1XUCr8GC9Qw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-20T18:39:51Z" - mac: ENC[AES256_GCM,data:VyhkViFZAHM22OxlqzFPRvgJvK/54GhcVS9U3B8HYrZnShxLO5VC2HOVDIvheDflewOv8Wt5wA+kloDv9y/L45Wa/lUPvOser0ruvEYcJBmNiPpxKNoR+/MOIHeUuSMpzBoiCob1LY4qkM8nU4xDU6N1GkPGxbg67UkHcpAfV/U=,iv:P2Xup7rQZibEaGGLpaVsyRPTp4WiJxwO6SuJ7H7eaTc=,tag:y1iTx4PMuTAVvZU72RipIg==,type:str] + lastmodified: "2024-04-22T16:06:34Z" + mac: ENC[AES256_GCM,data:BRgF+L22FuN/v+Vi57JLaTxtAe4Gr8UtY4QIYRUeigpHCkxza+pUd5qyGTIsHeaRFWNy726u9+PlX3uy0MlOt9lzQ1Zlmc+hDthUIHRWX9mqO+j5+klmDvVug5yqr2f7HMtBD+tnEwDr65FuPNKqJjmg1Tbk0RD12yt/gkEAy7w=,iv:aTWVlHEQGNgnIIoJ2IpnppU6lo7g0kI7gxtPM1ZqXvM=,tag:PhZypRZAlmxnKz1Kxtppzg==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/magpie/configuration.nix b/magpie/configuration.nix index 10f119c..0899acc 100644 --- a/magpie/configuration.nix +++ b/magpie/configuration.nix @@ -372,6 +372,11 @@ presharedKeyFile = config.sops.secrets."wg_preshared/mediabox".path; allowedIPs = ["10.100.0.5/32"]; } + { + publicKey = builtins.readFile ../common/wg_pubkey_workstation; + presharedKeyFile = config.sops.secrets."wg_preshared/workstation".path; + allowedIPs = ["10.100.0.4/32"]; + } ]; }; };