From fbd485cd86c7e9984819357398f912a2d5510845 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 12 Sep 2023 12:56:39 +0200 Subject: tv: emigrate --- tv/2configs/wiregrill.nix | 37 ------------------------------------- 1 file changed, 37 deletions(-) delete mode 100644 tv/2configs/wiregrill.nix (limited to 'tv/2configs/wiregrill.nix') diff --git a/tv/2configs/wiregrill.nix b/tv/2configs/wiregrill.nix deleted file mode 100644 index cace01a6b..000000000 --- a/tv/2configs/wiregrill.nix +++ /dev/null @@ -1,37 +0,0 @@ -with import ./lib; -{ config, pkgs, ... }: let - cfg = { - enable = cfg.net != null; - net = config.krebs.build.host.nets.wiregrill or null; - }; - toCidrNotation = ip: "${ip.addr}/${toString ip.prefixLength}"; -in - mkIf cfg.enable { - networking.wireguard.interfaces.wiregrill = { - ips = - optional (cfg.net.ip4 != null) cfg.net.ip4.addr ++ - optional (cfg.net.ip6 != null) cfg.net.ip6.addr; - listenPort = 51820; - privateKeyFile = "${config.krebs.secret.directory}/wiregrill.key"; - allowedIPsAsRoutes = true; - peers = mapAttrsToList - (_: host: { - allowedIPs = host.nets.wiregrill.wireguard.subnets; - endpoint = - mkIf (host.nets.wiregrill.via != null) (host.nets.wiregrill.via.ip4.addr + ":${toString host.nets.wiregrill.wireguard.port}"); - persistentKeepalive = mkIf (host.nets.wiregrill.via != null) 61; - publicKey = - replaceStrings ["\n"] [""] host.nets.wiregrill.wireguard.pubkey; - }) - (filterAttrs (_: h: hasAttr "wiregrill" h.nets) config.krebs.hosts); - }; - systemd.network.networks.wiregrill = { - matchConfig.Name = "wiregrill"; - address = - optional (cfg.net.ip4 != null) (toCidrNotation cfg.net.ip4) ++ - optional (cfg.net.ip6 != null) (toCidrNotation cfg.net.ip6); - }; - tv.iptables.extra.filter.INPUT = [ - "-p udp --dport ${toString cfg.net.wireguard.port} -j ACCEPT" - ]; - } -- cgit v1.2.3