diff options
Diffstat (limited to 'makefu/1systems/vbob/config.nix')
| -rw-r--r-- | makefu/1systems/vbob/config.nix | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix index f318c0e61..ffd9deaee 100644 --- a/makefu/1systems/vbob/config.nix +++ b/makefu/1systems/vbob/config.nix @@ -7,7 +7,8 @@ <stockholm/makefu> { imports = [<stockholm/makefu/2configs/fs/single-partition-ext4.nix> ]; - boot.loader.grub.device = "/dev/vda"; + boot.loader.grub.device = "/dev/sda"; + virtualisation.virtualbox.guest.enable = true; } # { # imports = [ @@ -49,6 +50,27 @@ # environment <stockholm/makefu/2configs/tinc/retiolum.nix> + (let + gum-ip = config.krebs.hosts.gum.nets.internet.ip4.addr; + gateway = "10.0.2.2"; + in { + # make sure the route to gum gets added after the network is online + systemd.services.wireguard-wg0.after = [ "network-online.target" ]; + networking.wireguard.interfaces.wg0 = { + ips = [ "10.244.0.3/24" ]; + privateKeyFile = (toString <secrets>) + "/wireguard.key"; + # explicit route via eth0 to gum + preSetup = ["${pkgs.iproute}/bin/ip route add ${gum-ip} via ${gateway}"]; + peers = [ + { # gum + endpoint = "${gum-ip}:51820"; + allowedIPs = [ "0.0.0.0/0" "10.244.0.0/24" ]; + publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo="; + persistentKeepalive = 25; + } + ]; + }; + }) ]; networking.extraHosts = import (toString <secrets/extra-hosts.nix>); @@ -90,5 +112,5 @@ 8010 ]; - + systemd.services."serial-getty@ttyS0".enable = true; } |