From 39dca4da02d4312f99e2ce7736e17d1d5227e75b Mon Sep 17 00:00:00 2001
From: TheWanderingCrow
Date: Wed, 29 Jan 2025 09:47:10 -0500
Subject: [PATCH] nebula test run
---
 flake.lock | 8 ++++----
 flake.nix | 1 +
 modules/users/lighthouse/setup.nix | 17 +++++++++++++++++
 3 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/flake.lock b/flake.lock
index d7305c9..8665c4a 100644
--- a/flake.lock
+++ b/flake.lock
@@ -219,11 +219,11 @@
 },
 "nix-secrets": {
 "locked": {
- "lastModified": 1737825569,
- "narHash": "sha256-5VkFZ00n/qDyrGZRNAbpDrLtUYuVpIAB33C2kY8otCA=",
+ "lastModified": 1738161184,
+ "narHash": "sha256-8ma/3Ynp2AzRm9ER5IqFm3pV05WVf0MtVDKHkxZSftA=",
 "ref": "refs/heads/master",
- "rev": "63cac5afb18c5fcb9e11b560b20e4941d9b4caf4",
- "revCount": 24,
+ "rev": "300319bbe2c60b201e451fc74a49465a2f1c2681",
+ "revCount": 28,
 "type": "git",
 "url": "ssh://git@github.com/TheWanderingCrow/nix-secrets"
 },
diff --git a/flake.nix b/flake.nix
index 42a33c1..77d0bba 100644
--- a/flake.nix
+++ b/flake.nix
@@ -118,6 +118,7 @@
 "${nixpkgs}/nixos/modules/virtualisation/amazon-image.nix"
 {
 networking.hostName = "WCE-Lighthouse1";
+ defaultSopsFile = inputs.nix-secrets.secrets.lighthouse1;
 }
 home-manager.nixosModules.home-manager
 sops-nix.nixosModules.sops
diff --git a/modules/users/lighthouse/setup.nix b/modules/users/lighthouse/setup.nix
index 9a37e05..4df9967 100644
--- a/modules/users/lighthouse/setup.nix
+++ b/modules/users/lighthouse/setup.nix
@@ -7,10 +7,27 @@
 }:
 lib.mkIf config.user.lighthouse.enable {
+
+ sops = {
+ age.keyFile = "/var/lib/sops-nix/key.txt";
+ age.generateKey = true;
+ };
+
+ sops.secrets.cert = {};
+ sops.secrets.key = {};
 services.nebula.networks.test = {
 enable = true;
 isLighthouse = true;
+ ca = inputs.nix-secrets.nebula.ca;
+ cert = config.sops.secrets.cert.path;
+ key = config.sops.secrets.key.path;
+ settings = {
+ listen = {
+ host = "0.0.0.0";
+ port = 4242;
+ };
+ };
 };
 }
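Review bot: In flake.nix the added `defaultSopsFile = inputs.nix-secrets.secrets.lighthouse1;` sits at the top level of the inline module next to `networking.hostName`, but sops-nix declares this option under the `sops` namespace, so as written it should be rejected as an unknown option rather than configure sops-nix. It should read `sops.defaultSopsFile = inputs.nix-secrets.secrets.lighthouse1;`. It is also worth confirming that `secrets.lighthouse1` points at the sops-encrypted file and never a plaintext one, because anything referenced from a flake input is copied into the world-readable Nix store. The enclosing module list starts and ends outside the hunk.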
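Review bot: In modules/users/lighthouse/setup.nix, `sops.secrets.cert = {};` and `sops.secrets.key = {};` keep the sops-nix defaults (owned by root, mode 0400), while the NixOS nebula module appears to run each network under its own unprivileged user, so the lighthouse service will probably be unable to read the paths passed to `cert` and `key`. Setting the owner explicitly, for example `sops.secrets.key.owner = "nebula-test";` and the same for `cert` (user name to be confirmed against the module), keeps the private key readable by that service only. Separately, `age.generateKey = true` creates a fresh identity at `/var/lib/sops-nix/key.txt` when none exists, and that key is not a recipient of the encrypted file until its public key is added and the secrets are re-encrypted, so decryption fails on a new instance unless the key is provisioned beforehand. A comment above the `sops` block stating which provisioning path is intended would help. The module's argument list begins above the hunk, so whether `inputs` (used by `ca = inputs.nix-secrets.nebula.ca;`) is among the arguments cannot be checked from here.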