diff --git a/hosts/by-name/servo/default.nix b/hosts/by-name/servo/default.nix index 3cb915b3..315104c8 100644 --- a/hosts/by-name/servo/default.nix +++ b/hosts/by-name/servo/default.nix @@ -28,6 +28,8 @@ sane.services.wg-home.forwardToWan = true; sane.services.wg-home.routeThroughServo = false; sane.services.wg-home.ip = config.sane.hosts.by-name."servo".wg-home.ip; + sane.ovpn.addrV4 = "172.23.174.114"; + # sane.ovpn.addrV6 = "fd00:0000:1337:cafe:1111:1111:8df3:14b0"; sane.nixcache.remote-builders.desko = false; sane.nixcache.remote-builders.servo = false; # sane.services.duplicity.enable = true; # TODO: re-enable after HW upgrade diff --git a/secrets/servo/ovpn_privkey.bin b/secrets/servo/ovpn_privkey.bin new file mode 100644 index 00000000..3a5b5ee0 --- /dev/null +++ b/secrets/servo/ovpn_privkey.bin @@ -0,0 +1,32 @@ +{ + "data": "ENC[AES256_GCM,data:bvhh/AdtDBdGnBlH9K6oSYZ0GoCmqxSauYsaBcmJyHA6Ry/3XAgZLt8RsAa8,iv:Cg6nRTZo3ZVdl0wyaoywsatbhZ0/Gv+9JLGIJ0Hzz8k=,tag:KHLOOP6QTCGG+bKKC3lkFw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age1tnl4jfgacwkargzeqnhzernw29xx8mkv73xh6ufdyde6q7859slsnzf24x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuZTFlUFYzTHJGNUl6Mk5t\nbnJacjJYSVdhKzBHWXp5ZHdoajJHUEMvdmc4CklEaHhhL2FITmc4bFlnVUdxRDZW\nMFVPbW5kMWNEWDA3R0JESzZBZ0dzejQKLS0tIHFLRVk3U3QzSFNMYzM5RHFodThD\neG5kTXA1VVpLcGxkK0s3WmdkUlp0SmcKKoLvt0GbP4rC0elLQGIhQDv2KNB2EHoK\n4ASzWej+LrDGuBl9UQ4QBZR5BFxienpyVjpYpYKkXG8bQSvyfTv3gw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1j2pqnl8j0krdzk6npe93s4nnqrzwx978qrc0u570gzlamqpnje9sc8le2g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4Rk95SVUzVGwzVFpDeG1W\naUZxbENmRzRjY2x4MVozdGxkRkZ0N1pPdUQ4Ci9pRllUYWZVUzlGUzErZkJacTU0\nOGluL01VdEJZQzFGNmF3VFBIamJjTGsKLS0tIEcrdFF0czJZRzdkZmhtSXcxMDJV\nVzJPVU1xZlptd1REaWd3b0VaaWE4V00KbqtfNDYgbn8i6A+Jam+525Cb6STHO8w2\n+/fCO73i0gmHwNMNXqeB3baW3iTiY5ir1ZoXC/BiaD1AQmEbGcboSA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1z8fauff34cdecr6sjkre260luzxcca05kpcwvhx988d306tpcejsp63znu", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzM3BJVktMdmd1RzVvazNS\nMS8yRHhzWUlrRVU2bmtJZUJLVStZb3R6dVRNCk5wRTBFWmlQem1vV2M5WHFVSnFr\nUUtlcjFWUHJjS0J6ejVHRXFuWEtCNjAKLS0tIHZwU081SEt4SDNlU3dRV1lzNHkz\nTEFZaUxndFA5bjZ2RmlYcmtBYTlwWjQKi113aX/QdEnSyPNy8m6oFt4KyBY9mzgm\nCMZG+wen13FOVTWtWrVtpez3aEZ4DNi64dXMrkuo0pBPs5O+MkHJTA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1tzlyex2z6t88tg9h82943e39shxhmqeyr7ywhlwpdjmyqsndv3qq27x0rf", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJZGlNaHNaWXZqR0RrclVq\nbmlrUTlHc2tqWUFRRk5haFBna1ZocDd2WXhFCmRXdHFwdkZFbHJDODV5ZmxIWTZj\nbkdXajVFVVFyTE12WWdXeDJIckZlM1EKLS0tIGJZVmkyR2Z5QlFOZ0dBN2JzUTJr\naFB6ay8reTVkeUpaL2IwSEVHNVU0V1EK/Od0/Uw4CJEtbmE9Ly9PDe0fG59vJ7jy\ntiYOJd+dYPqokSDdLcZAGPnJAZreTKZl7FSPohBugspIKMWPhXDYEg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-05-26T14:33:11Z", + "mac": "ENC[AES256_GCM,data:U0osnjRfiTAtygioOJtie1KI8Br3DpTTjVwpyMKflt+oaOSHVZEDlYwkH4OZbk5Q4i08FEUXWxrvbeNMwgXHw8N2TG+mjuSgSclvu8OmeDWXlx9lpD732WwAVbhhTtWNwWDP8cPzWEkrBwvBx7UI2Qy4rgR+54E/2k+ghkJLx3k=,iv:05oYSaw2tJgkyO9mxs5cJaqhAEoPU9yDncuM1NpWtm0=,tag:GHth58XD27siwOCK+QkRIA==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.8.1" + } +} \ No newline at end of file