add ukraine VPN
This commit is contained in:
parent
dca68a019b
commit
f790147fb0
|
@ -25,7 +25,34 @@
|
|||
autostart = false;
|
||||
};
|
||||
|
||||
networking.wg-quick.interfaces.ovpnd-ukr = {
|
||||
address = [
|
||||
"172.18.180.159/32"
|
||||
"fd00:0000:1337:cafe:1111:1111:ec5c:add3/128"
|
||||
];
|
||||
dns = [
|
||||
"46.227.67.134"
|
||||
"192.165.9.158"
|
||||
];
|
||||
peers = [
|
||||
{
|
||||
allowedIPs = [
|
||||
"0.0.0.0/0"
|
||||
"::/0"
|
||||
];
|
||||
endpoint = "vpn96.prd.kyiv.ovpn.com:9929";
|
||||
publicKey = "CjZcXDxaaKpW8b5As1EcNbI6+42A6BjWahwXDCwfVFg=";
|
||||
}
|
||||
];
|
||||
privateKeyFile = config.sops.secrets.wg_ovpnd_ukr_privkey.path;
|
||||
# to start: `systemctl start wg-quick-ovpnd-ukr`
|
||||
autostart = false;
|
||||
};
|
||||
|
||||
sops.secrets."wg_ovpnd_privkey" = {
|
||||
sopsFile = ../../secrets/universal.yaml;
|
||||
};
|
||||
sops.secrets."wg_ovpnd_ukr_privkey" = {
|
||||
sopsFile = ../../secrets/universal.yaml;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,16 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# first arg should be the region, e.g. `us` or `ukr`
|
||||
|
||||
case $1 in
|
||||
ukr)
|
||||
iface=wg-quick-ovpnd-ukr;;
|
||||
us)
|
||||
iface=wg-quick-ovpnd;;
|
||||
*)
|
||||
echo "invalid vpn name '$1'"; exit 1;;
|
||||
esac
|
||||
|
||||
echo vpn: $(curl https://ipinfo.io/ip)
|
||||
sudo systemctl stop wg-quick-ovpnd
|
||||
sudo systemctl stop $iface
|
||||
echo plain: $(curl https://ipinfo.io/ip)
|
||||
|
|
|
@ -1,4 +1,16 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# first arg should be the region, e.g. `us` or `ukr`
|
||||
|
||||
case $1 in
|
||||
ukr)
|
||||
iface=wg-quick-ovpnd-ukr;;
|
||||
us)
|
||||
iface=wg-quick-ovpnd;;
|
||||
*)
|
||||
echo "invalid vpn name '$1'"; exit 1;;
|
||||
esac
|
||||
|
||||
echo plain: $(curl https://ipinfo.io/ip)
|
||||
sudo systemctl start wg-quick-ovpnd
|
||||
sudo systemctl start $iface
|
||||
echo vpn: $(curl https://ipinfo.io/ip)
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
wg_ovpnd_privkey: ENC[AES256_GCM,data:qmyCOcD5TA7SKqSDCTZOTahkfYVZMJUGuyselmQbqj1uer3e4cBRSMuIiRI=,iv:jnHvGgVu/8HWT8MkI2wtGqlCs6wTu0C8huHpkdDmBYk=,tag:a0r0f/6LTBUuhvLGu+SFug==,type:str]
|
||||
wg_ovpnd_ukr_privkey: ENC[AES256_GCM,data:5zfhsZnBk0Kb9Nb/3igsV/fN0ZDjwTAGTKyMLMly/l7MlJe6MEmd5Lv+JT8=,iv:Mov9eUP8WfvzfZ6NljgLolJ49GSqR7eSV+k0dgE1+1I=,tag:O9UtGX2qt+qEvabcsA0vIA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
@ -77,8 +78,8 @@ sops:
|
|||
T1ZLaWRwWFJkNE82NC80QTdjZ1l1Zm8K7QhAMCO/65Z0N4coN+sc7WYNVI+BvV01
|
||||
q5DXWTtePrPRQ8ZCqT7gWdSQc8iS410HEZ2Nya5IA+ktGxMO9h1EXA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2022-06-21T09:01:02Z"
|
||||
mac: ENC[AES256_GCM,data:G6crbY/fKKHjiCI7m+uOIRHrW2CJFM6DPD598h/vqRwYI0laIkasr7vUMuV72RyqAW52F90kIYyLY5qhu4uTOBqHK5aJHAxNo55knHrpXYQemMMt5UGC3AwgswLWkqze43EhIj7NrA6LTFF4MX+rD3yhFC+IAQOgZ1HiIk9h0sY=,iv:kDDHyNlaCCq9AVSr5qaF1OYZxNAGgxSGL5bxYL3Q79w=,tag:5FNaXMHjTyjyPScOXgep6Q==,type:str]
|
||||
lastmodified: "2022-07-09T07:40:05Z"
|
||||
mac: ENC[AES256_GCM,data:U7kbbCm6I+S86En04h+jKFhqm+++iFHluA0ceChTEJEFaWX4FqMQHAthHl4Bce+AMjhdu5IjTajnAHp2RDvGRMoyissAH0+SwWR5lEKVhHZFl2jQga1T8rmScfCnP5nK8lRUiSBtbEZWPE+Pct63mR7rEUVFLtKIIoqOYfpB6XI=,iv:sa3eUtOnjs49y2EL/ndP/1f9iyOB4wTAc97TZ8zhBXQ=,tag:n91xs8Carw6OO/rk3dO+Fw==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
||||
|
|
Loading…
Reference in New Issue
Block a user