nebula test run

2026-01-11 09:44:08 -05:00 · 2025-01-29 09:47:10 -05:00 · 2025-01-29 09:47:10 -05:00 · 39dca4da02
commit 39dca4da02
parent ef9e7a469f
3 changed files with 22 additions and 4 deletions
--- a/flake.lock
+++ b/flake.lock
@ -219,11 +219,11 @@
    },
    "nix-secrets": {
      "locked": {
-        "lastModified": 1737825569,
-        "narHash": "sha256-5VkFZ00n/qDyrGZRNAbpDrLtUYuVpIAB33C2kY8otCA=",
+        "lastModified": 1738161184,
+        "narHash": "sha256-8ma/3Ynp2AzRm9ER5IqFm3pV05WVf0MtVDKHkxZSftA=",
        "ref": "refs/heads/master",
-        "rev": "63cac5afb18c5fcb9e11b560b20e4941d9b4caf4",
-        "revCount": 24,
+        "rev": "300319bbe2c60b201e451fc74a49465a2f1c2681",
+        "revCount": 28,
        "type": "git",
        "url": "ssh://git@github.com/TheWanderingCrow/nix-secrets"
      },
--- a/flake.nix
+++ b/flake.nix
@ -118,6 +118,7 @@
          "${nixpkgs}/nixos/modules/virtualisation/amazon-image.nix"
          {
            networking.hostName = "WCE-Lighthouse1";
+            defaultSopsFile = inputs.nix-secrets.secrets.lighthouse1;
          }
          home-manager.nixosModules.home-manager
          sops-nix.nixosModules.sops
--- a/modules/users/lighthouse/setup.nix
+++ b/modules/users/lighthouse/setup.nix
@ -7,10 +7,27 @@
 }:
 lib.mkIf config.user.lighthouse.enable {

+    
+      sops = {
+        age.keyFile = "/var/lib/sops-nix/key.txt";
+        age.generateKey = true;
+      };
+
+      sops.secrets.cert = {};
+      sops.secrets.key = {};

    services.nebula.networks.test = {
        enable = true;
        isLighthouse = true;
+        ca = inputs.nix-secrets.nebula.ca;
+        cert = config.sops.secrets.cert.path;
+        key = config.sops.secrets.key.path;
+        settings = {
+            listen = {
+                host = "0.0.0.0";
+                port = 4242;
+            };
+        };
    };
        
 }