Add rock5b to wireguard VPN

2023-04-12 12:25:56 +02:00 · 2023-04-12 12:25:56 +02:00 · d20b2c386e
commit d20b2c386e
parent 11b7466753
7 changed files with 59 additions and 36 deletions
--- a/hosts/default.nix
+++ b/hosts/default.nix
@ -168,7 +168,13 @@
      };
      rock5b = {
        system = "aarch64-linux";
-        extraModules = [inputs.rock5b.nixosModules.default];
+        extraModules = with inputs; [
+          disko.nixosModules.disko
+          rock5b.nixosModules.default
+        ];
+        secrets = {
+          "rock5b-wireguard-private-key" = {};
+        };
      };
      pbp = {
        system = "aarch64-linux";
--- a/hosts/rock5b/default.nix
+++ b/hosts/rock5b/default.nix
@ -10,6 +10,7 @@
    "common"
    "ssh"
    "ccr"
+    "wireguard-client"
  ];

  ccr.enable = true;
@ -25,28 +26,7 @@
    generic-extlinux-compatible.enable = true;
  };

-  disko.devices = import ./disko.nix {};
-
-  services.nginx.enable = true;
-  services.nginx.virtualHosts."localhost" = {
-    cgit = {
-      enable = true;
-      virtual-root = "/";
-      include = [
-        (builtins.toFile "cgitrc-extra-1" ''
-          repo.url=test-repo.git
-          repo.path=/srv/git/test-repo.
-          repo.desc=the master foo repository
-          repo.owner=fooman@example.com
-          css=/custom.css
-        '')
-        (builtins.toFile "cgitrc-extra-2" ''
-          # Allow http transport git clone
-          enable-http-clone=1
-        '')
-      ];
-    };
-  };
+  disko = import ./disko.nix {};

  fileSystems."/mnt/film" = {
    device = "//ccr.ydns.eu/film";
--- a/hosts/rock5b/disko.nix
+++ b/hosts/rock5b/disko.nix
@ -1,5 +1,5 @@
 {emmc ? "/dev/mmcblk0", ...}: {
-  disko.devices = {
+  devices = {
    disk = {
      emmc = {
        type = "disk";