41 lines
1011 B
Nix
41 lines
1011 B
Nix
{lib, ...}: rec {
|
|
harbor = {
|
|
publicKey = "se1SYdSuu+e8FLqHJO0Fk+kWV3WlrVj9qeCPOhAqsmA=";
|
|
|
|
# Forward all trafic to the VPN.
|
|
allowedIPs = ["10.10.10.0/24"];
|
|
|
|
# Server endpoint to connect to.
|
|
endpoint = "173.249.42.252:51820";
|
|
|
|
# Send keepalives every 25 seconds. Important to keep NAT tables alive.
|
|
persistentKeepalive = 25;
|
|
};
|
|
|
|
clients = {
|
|
comfy-station = {
|
|
publicKey = "OsP5tyyYq2B9K8kcDJRLMVE/XuFk57aEhzhQcJc+e3M=";
|
|
address = ["10.10.10.2/24"];
|
|
allowedIPs = ["10.10.10.2/32"];
|
|
};
|
|
|
|
monolith = {
|
|
publicKey = "r60a6TyR2jV6ePvZgtznd3H4hQPE3sjznoiE8vx3+iI=";
|
|
address = ["10.10.10.3/24"];
|
|
allowedIPs = ["10.10.10.3/32"];
|
|
};
|
|
};
|
|
|
|
forServer =
|
|
builtins.mapAttrs (_: v: {
|
|
inherit (v) publicKey allowedIPs;
|
|
})
|
|
clients;
|
|
forClient = c:
|
|
(lib.mapAttrsToList (_: v: {
|
|
inherit (v) publicKey allowedIPs;
|
|
}) (builtins.removeAttrs clients [c]))
|
|
++ [harbor];
|
|
clientAddress = c: clients.${c}.address;
|
|
}
|