From fcfd36c63bc0bcb78a5eff58edb53033993b1df7 Mon Sep 17 00:00:00 2001
From: Andrea Ciceri <andrea.ciceri@autistici.org>
Date: Fri, 21 Apr 2023 10:49:52 +0200
Subject: [PATCH] pbp wireguard

---
 hosts/default.nix                     |  3 +++
 lib/default.nix                       |  2 ++
 modules/nix/default.nix               |  2 +-
 modules/wireguard-server/default.nix  |  1 +
 secrets/default.nix                   |  1 +
 secrets/pbp-wireguard-private-key.age | 31 +++++++++++++++++++++++++++
 6 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 secrets/pbp-wireguard-private-key.age

diff --git a/hosts/default.nix b/hosts/default.nix
index 30c5a10..f488059 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -190,6 +190,9 @@
         extraHmModules = [
           inputs.ccrEmacs.hmModules.default
         ];
+        secrets = {
+          "pbp-wireguard-private-key" = {};
+        };
       };
       hs = {};
       mothership = {
diff --git a/lib/default.nix b/lib/default.nix
index 4c8dbcd..c7655ea 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -9,6 +9,7 @@
       thinkpad = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZMyLFfuBeDfPLn8WL6JazYpYq3oVvCdD4ktyt915TL";
       mothership = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlepPWHE9GvQIBcAQBQPd80oiePSPxGDnMdqpdEqx6I";
       rock5b = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+pPzPomBOf2eiC26HYrJb9+hlA0pnYPtv2eRYLfOAG";
+      pbp = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFF05LScu9m5BXMlFAT1g+g/AkAi7kvq1dY6W3Rzqq3f";
     };
   };
   ips = {
@@ -16,5 +17,6 @@
     thinkpad = "10.100.0.2";
     oneplus6t = "10.100.0.3";
     rock5b = "10.100.0.4";
+    pbp = "10.100.0.5";
   };
 }
diff --git a/modules/nix/default.nix b/modules/nix/default.nix
index 2e6315c..c850d14 100644
--- a/modules/nix/default.nix
+++ b/modules/nix/default.nix
@@ -47,7 +47,7 @@
         speedFactor = 1;
         supportedFeatures = ["nixos-test" "benchmark" "big-parallel" "kvm"];
         mandatoryFeatures = [];
-        sshKey = "/var/lib/hydra/queue-runner/.ssh/id_rsa";
+        # sshKey = "/var/lib/hydra/queue-runner/.ssh/id_rsa";
         sshUser = "root";
       }
     ];
diff --git a/modules/wireguard-server/default.nix b/modules/wireguard-server/default.nix
index b1c6005..6c53d96 100644
--- a/modules/wireguard-server/default.nix
+++ b/modules/wireguard-server/default.nix
@@ -33,6 +33,7 @@
           thinkpad = "g8wId6Rl0olRFRtAnQ046ihPRYFCtMxOJ+/Z9ARwIxI=";
           oneplus6t = "O6/tKaA8Hs7OEqi15hV4RwviR6vyCTMYv6ZlhsI+tnI=";
           rock5b = "bc5giljukT1+ChbbyTLdOfejfR3c8RZ4XoXmQM54nTY=";
+          pbp = "jvfAfQ2ykBndpnoLQTBJzDOhpjMOtIyCufEw+BxMxSc=";
         };
         mkPeer = hostname: {
           publicKey = publicKeys."${hostname}";
diff --git a/secrets/default.nix b/secrets/default.nix
index a325add..fe62f82 100644
--- a/secrets/default.nix
+++ b/secrets/default.nix
@@ -14,4 +14,5 @@ in
     "thinkpad-wireguard-private-key.age".publicKeys = [ccr-ssh ccr-gpg thinkpad];
     "mothership-wireguard-private-key.age".publicKeys = [ccr-ssh ccr-gpg mothership];
     "rock5b-wireguard-private-key.age".publicKeys = [ccr-ssh ccr-gpg rock5b];
+    "pbp-wireguard-private-key.age".publicKeys = [ccr-ssh ccr-gpg pbp];
   }
diff --git a/secrets/pbp-wireguard-private-key.age b/secrets/pbp-wireguard-private-key.age
new file mode 100644
index 0000000..93bdea7
--- /dev/null
+++ b/secrets/pbp-wireguard-private-key.age
@@ -0,0 +1,31 @@
+age-encryption.org/v1
+-> ssh-rsa /AagBw
+JVGa5Masi7sNK7Tx+xAbXqWGjNT6K77Tq1cKsb2yA8q1EAbheZ7bO7+RyizK2HR+
+esK24r1KpnxuSpfraaxQhRszzqKDuc2Wj5yM02LQ4UNxOizGNm5ny7FYtfmBrpx4
+Uu9M6Svte2SSoJ5AamXxjsauvBaGD16+xhX4eUxJcFAbNDOWC39XlZ/XHngx5Tpu
+QTvhuoV4VEefxPKjmHjBG7VNdvB2+UeAjqx/iGOp5OfzaacLTr2QeOpq+ddkLVaF
+Bzy5JcZ1mOKAeN6Wc+7prq+LNLBoRWjfdxZv6UQzYLAHvm7d3TxPtpjZXQObrQ7G
+ubv0W7UAF5J/tUVgX79lSMr2SlyZfcpM19CnboHbMvhvpB97syOKvGaDf9jMAPDU
+3kUO33Rzmze+16VhisB3w6H0cXDqcgZdvM9stLNgrDOtthV7xKF7UxjbIwWCaNk+
+aTDJ76xbiiMyX9ARQ0J6/z28Z8tvYKBWktejpc+1TfoU2BZY/faiLDIzG57c6ECe
+UM5iWrUI5wKqIs+06tC4M2otwwGrJOqC6U9BrCkos+nHZ2cFZwNLwkWcgHvjAFoJ
+A/6QJ6nnD1zKDsvsqmpvX7N4rnTo4SNUNKGp6eNi/P7VZQ0fRpFhd/0139I5i3kD
+CRQXxQILR8juW4c7YMkm1zQKzXkAV3jJm9fEZ0FVxe8
+-> ssh-rsa QHr3/A
+dssXG8BUFuAd8ec+8HD4K6YUIGwKFwTyOXEBj4106w21C0+g0ffIeRXJJG7N0v7d
+vM3ycxDSJgOLmV/OXRQZCysnk6zdh2Aaz1FV9xFiXbZ1WUfMU/7FbeLjhNMzdf18
+f4c1oO9+AYHEV0YhSH0JhTSUj9JkeQ1wG5LQ1Yafls9CCcg0EVNgjXCxTgHS/MzY
+rDGDokc2RzvqDz83g0ks0o/1M8wntCm3+iI+aCEXILz2AF6Il3Uce7qMmffNpYb2
+9hCq7heTUxyewXv2g2F6+DThb/uG5JcRnilAMYnf3Q4LwgytCCfOh1vyvrc6kvqR
+LRIMjS5ggqD22hmcAwCTGPFN2Eeq3foXKtZ2gC+hXrbBpCC8c+rFElB/IzAT+sn4
+3K6QRa+Fku6VZrR28iCMffcBCMOXg1axr5aciKjKClOUw5DDyjHD7J75hNQkIe++
+vUxnB8viGtnUC8yJNf/AeUG7COKE5ZulcMp4ZPPqvkLrA7c6alpAJCe9wK7AuIev
+KlY39UK05Yakdezrj+Tr+FkrdQ5UGG5DbzBskQvoKo9T+sxEL1RMKrCVr34Ynyv3
+gZwR0Ckklk6aZPnqTC/UltrclOBsr08v01gRr9RE7w39pE4aINqigQbhXTYq8Obn
+9MkEldH6j3119vXmHQ9lkyxIfyF3+kpK2gqZMCjwliM
+-> ssh-ed25519 QdXVbg rMspXmlQ2sJ2k0E7L3To2a4+nncH5gkNpVu1Guc2zhY
+RSLNRHow8mP23cxA1irrbPBYUnczSY8xAdHKX/UWtTw
+-> fR>']7s,-grease x
+ggBGn4n8gEq508WyofdRCRqDhy60McWIxHDwPbn8FFN4+ID6Wig
+--- ts2g/OfRkv3A9JWQh54T4ve26jsqFKIvMyXXR5rJJYM
+[‘	Rw²vˆû¹×“MapòUKžYžäã¡ÇÔWqr”Â§[¢F~¾©· H‹ì}u‡·e0„¦±æ‡^uUµ·~•áæŸI>
\ No newline at end of file