add aurore for real

2025-07-24 20:36:09 +02:00 · 2025-07-24 20:36:09 +02:00 · 07322a9e9a
commit 07322a9e9a
parent 4e2d5bb8d4
3 changed files with 84 additions and 3 deletions
--- a/README.md
+++ b/README.md
@ -34,6 +34,19 @@ Endpoint = 193.54.193.176:51920
 PersistentKeepalive = 25
 AllowedIPs = 172.19.0.0/17,fc00::/96
 ```
+
+```
+[interface]
+Address = 172.19.130.<id>/32
+Address = fc00:f::130:<id>/128
+PrivateKey = <private.key>
+
+[Peer]
+PublicKey = 6zt1TmDgpOoTYhJVhfJTEWr0HhWcXrpXvtCr7Xldyhg=
+Endpoint = 45.66.111.188:51920
+PersistentKeepalive = 25
+AllowedIPs = 172.19.0.0/17,fc00::/96
+```
 Only one need to be up at a time

 ### SSH
--- a/nodes.nix
+++ b/nodes.nix
@ -581,4 +581,62 @@

        wg-pub = "wUUK+ZfLXMeJLKlcfNpjWEoOR8qI3/1BBazNzUY4rxg=";
    };
+
+    ######################
+    #  Aurore Inventory  #
+    ######################
+
+    bastion-aur-lasuite-federez = {
+        zone = 3;
+        id = 1;
+        system = "x86_64-linux";
+        ver = "25.05";
+        modules = [
+            ./shared/bastion.nix
+        ];
+
+        ip4 = "45.66.111.188/24";
+        gIp4 = "45.66.111.254";
+
+        dev = "ens18";
+
+        fileSystems."/" = { 
+            device = "/dev/disk/by-uuid/4c3698a5-6c56-4f67-9c8c-775021605ff5";
+            fsType = "ext4";
+        };
+        fileSystems."/boot" = { 
+            device = "/dev/disk/by-uuid/38F5-01F3";
+            fsType = "vfat";
+            options = [ "fmask=0077" "dmask=0077" ];
+        };
+
+        wg-pub = "evbfIgNwP4yJ9l4SPyxcmNLcJAbjEezssCdFtNq9TXk=";
+    };
+
+    master-dns-aur-lasuite-federez = {
+        zone = 3;
+        id = 2;
+        system = "x86_64-linux";
+        ver = "25.05";
+        modules = [
+            # TODO
+        ];
+
+        ip4 = "45.66.111.189/24";
+        gIp4 = "45.66.111.254";
+
+        dev = "ens18";
+
+        fileSystems."/" = { 
+            device = "";
+            fsType = "ext4";
+        };
+        fileSystems."/boot" = { 
+            device = "";
+            fsType = "vfat";
+            options = [ "fmask=0077" "dmask=0077" ];
+        };
+
+        wg-pub = "dUWcl8dn7dN0WWZWho7ehmv5uFubm/XG+MQxn4lonV8=";
+    };
 }
--- a/shared/commons/boot.nix
+++ b/shared/commons/boot.nix
@ -4,6 +4,16 @@ let
    # Import nodes
    nodes = import ./../../nodes.nix;
    myNode = nodes."${config.hostName}";
+
+    hasGrub = nd: lib.hasAttr "grubDevice" nd;
+
+    bootLoader = if hasGrub myNode then {
+        grub.enable = true;
+        grub.device = myNode.grubDevice;
+    } else {
+        systemd-boot.enable = true;
+        efi.canTouchEfiVariables = true;
+    };
 in
 {
    imports = [
@ -15,8 +25,8 @@ in
    fileSystems = myNode.fileSystems;

    boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
-    boot.loader.grub.enable = true;
-    boot.loader.grub.device = myNode.grubDevice;
+    
+    boot.loader = bootLoader;

    nixpkgs.hostPlatform = lib.mkDefault myNode.system;
 }