No description

Find a file

Asyncnomi 86829c93a1 force restart event for zone-lf on changes		2025-07-27 02:16:26 +02:00
secrets	add dns role	2025-07-26 22:52:35 +02:00
shared	force restart event for zone-lf on changes	2025-07-27 02:16:26 +02:00
.gitignore	Initial commit	2025-07-17 23:40:38 +02:00
flake.lock	add RENNES nodes and some helper function in the shell	2025-07-21 00:56:51 +02:00
flake.nix	improve the handling of the different nixpkgs version in flake.nix	2025-07-24 21:45:00 +02:00
mapping.nix	some dns fix + dnsmasq	2025-07-27 01:15:27 +02:00
nodes.nix	move modules from nodes.nix to mapping.nix	2025-07-24 21:22:14 +02:00
README.md	add aurore for real	2025-07-24 20:36:09 +02:00
shell.nix	dedicated nftables	2025-07-22 00:05:56 +02:00

README.md

Nix - LaSuite Federez

Onboarding:

You will need at least nix installed on you machine

Wireguard

Add your publickeys into ./shared/users-wg.nix Create the following interfaces:

[interface]
Address = 172.19.128.<id>/32
Address = fc00:f::128:<i>/128
PrivateKey = <private.key>

[Peer]
PublicKey = nePNA6RDzgNeSC7deXqeoK2rGGei65tBNnCEN6ZKkEI=
Endpoint = 193.48.225.150:51920
PersistentKeepalive = 25
AllowedIPs = 172.19.0.0/17,fc00::/96

[interface]
Address = 172.19.129.<id>/32
Address = fc00:f::129:<id>/128
PrivateKey = <private.key>

[Peer]
PublicKey = tSnZQM0s1EaN2uvCgYP8xkLXt+NccBBPJj5UBzV3h2Y=
Endpoint = 193.54.193.176:51920
PersistentKeepalive = 25
AllowedIPs = 172.19.0.0/17,fc00::/96

[interface]
Address = 172.19.130.<id>/32
Address = fc00:f::130:<id>/128
PrivateKey = <private.key>

[Peer]
PublicKey = 6zt1TmDgpOoTYhJVhfJTEWr0HhWcXrpXvtCr7Xldyhg=
Endpoint = 45.66.111.188:51920
PersistentKeepalive = 25
AllowedIPs = 172.19.0.0/17,fc00::/96

Only one need to be up at a time

SSH

Prov yourself in ./shared/users.nix

Agenix

Add you decryption key into ./secrets/secrets.nix