From 0ace2043f09bbe29923eed8a50c3875fe153b77d Mon Sep 17 00:00:00 2001
From: Alexander Szczepanski <alexander@szczepan.ski>
Date: Thu, 23 Sep 2021 13:14:59 +0200
Subject: [PATCH] fixed vps config

---
 .gitsecret/paths/mapping.cfg |   2 +-
 configs/secrets.nix.secret   | Bin 914 -> 913 bytes
 machine/vps.nix              |  34 +++++++++++++++++-----------------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/.gitsecret/paths/mapping.cfg b/.gitsecret/paths/mapping.cfg
index 4305c78..71183a9 100644
--- a/.gitsecret/paths/mapping.cfg
+++ b/.gitsecret/paths/mapping.cfg
@@ -1 +1 @@
-configs/secrets.nix:259586563a3c51652650618e0cc26aaee07b482ea801e2a1641d24510446bf50
+configs/secrets.nix:a83d724b6fe99623ff5a9e649a30227c3c199d302b10dce75db8ab3f3271d7f8
diff --git a/configs/secrets.nix.secret b/configs/secrets.nix.secret
index e986f2f20544560b3409abac58843c8e5178ad02..13c2a7fedec8c46b67ae4122c50456b20904cfc9 100644
GIT binary patch
literal 913
zcmZo=;$b$E7Pz~&A*Y*BfMI|2j%5K;neVI+ShVx>B(Im}Z<f4tEEL;0bD`);pA3PG
z8;&ts%JudXrUpx^sOa$LPI>fU@n-?f)15y9pBv|Li_DNr-WA<BXWk>8RW`B}+g@yX
z`%=nQU-X#ubDkgf?>93SpNrO6yVT|u_k6`GzgAxn7LEQSzmwP5bN;ae&4XHVSJdTv
z=S<z)eotlh?uvwKr^NiP`~Tx{%UIpL;l|H)<w9HQ=Ms7o7@GOlEsr}A?Dy-y?e}3`
z$9aS<v3XU!V%gKR_(R;O^3Bam(K5zIc#iq`2wd+@ztUY}`_t&AMk9Nj!>Q{<JQw`8
zH}LzcntXkMgVyg<@pC7n6K`JaJ#cUm!@sh*;frp12^ue6aXaJus?D3S1uMmkIXKOJ
z1$45_-nnC&1ZzZ7dkI(ho2Q;VvTOGmB(3b}vyyvr<SDQ0|2f-MU%Gs0d8jk@BQLSt
z>g{~fxW0GnEB{&UU}`Y`bJnpa?YGS<j&AbRKe_y<Wqyg|bhZm34*O5v3TS7PS;xTC
zuz$7T0`tp94*L9T4*JCsv~K^L3&k6A946T}sO?<rw)6GtUz;8;zT&>^>b$c@tohW|
zyzOr@4dz^=)>be6VXsL;^P}6FpZ4X)Imle*Jl8IxcK-eJqMo&~yI0K?ycWjr?(3Ag
zd394ZF$li7Hve4cpV-iUReMzBxhKzla((9uzmHNeUE;e^)2<m`I<TMdwds>3rx}{N
zUO5~)(YIwy=t8kXhy9Zm)i_p1$A1e~yK%iy;?|eUi5;OnTRsKdKIG2w|IXBwJ3kIt
zzl*(hOygmS)B4*vT~;RM*-7EO(k!MCd&IS`IbM3QOnkogRFBot-EP-~+yBohh^=ee
zzoz)*@-xeC{;gN}_aj=yPg9olM`5Afy?rPC%do#`z2+A0^Hi8ULPzJ*ncurOqObk_
zpJuV+!fVZ2XJft|x>CJq($X#BhhF!+=U*kSeyo`DV$5{i!162H%S3lGZ#O(-+P@?9
zlYdNn@8S84r3YU6tSWYYs1g@&bPaQgxa{=Jv5zcz_vg;@-&p!pHA`=)|JOL?jc4vn
zy~||zc4ORqha#<ee@w)MJ0DeEa_I3BQr@t7{)S2C?`_yNyHai?hi`C>kk73na|#3O
z&oq6!A--H@x@AXDI-C7v_9O2~nr4LgnG{a>wSalfT-C`>cUyeBS;hbFber$nN1B{<
ks;f^(>l~?FTK}w-T`<p!?L^P&*Q+P8_f?A+@dvR10K7rSvH$=8

literal 914
zcmZo=;$b$E7Pz~&A*Y*>|F49vRJ-90yV&m!%2$2jO=fz!>RZnzGff+9rr`61-#mZG
zA32;cYs>HO;FO#EJI}eb=<hXo#v?boPx|7sKJNDq=P+}aM7ge<|BGc&Q&-Ka0}s*;
zFJ@`;4O{WnyZq$tdE1TqFCRQ#yEVBXWa1&cQ(cm)7jR6k$hfm^$FZcNeyn;u98=GC
z-tf8nS~qDOi%7)%D9hs;dop8kxN0*t@|D*-c_zU2;a)xiZ@1~}xXs&2f1fz9;7*;w
zxg4MLgSX#a3+}rn_{Nt_?z%R^+)2$WZku)Q$_Q7xPOM>Uzgl{0t6)sU-0N!Mbz2=Y
z4PO2YIBUS8yGCbbgW^l^V-r4CYVWuh9KCu@tsLj#0Ox{Z3n$gpdHT=ZwtVAL{q%$@
zXRhCLoG)$9|MdT7GqFtd{43MX<gY!Ln5;aDKd*RWf3~Zxgo6^t(acvX{XJfAocuIV
zue{>ocgYZ44PNI>-sfftUVOfJ)$gyR<>?iRwv=q^*;d{i$8mhIhWC?{IqnOzc=*m2
zsujNdUJ@hBZs~X2BJKD>OJAM(y034X9<eBd<ee3XnE75~cJibxb28Z*uDP;T>GbYr
zj@VjpdEHCvf9bB%K3>Ya;kmD6jjgrMH7}R{OAiaHO*XvImVVlA3e!fVql>)vwKXq(
zm96a6rWw{0{498~Ms~>c436&JFY8YgOZ8@0?DDv}d~4gAd6y0xV7#?>zo-)nx8vEr
zwF{3<wE3aMzq(Z5<NakO?S?DPyo$Y3Yuwtp<UrhpocUIoA%(NQAAJ>M>a{LO;@R96
z8xJ$Q-cfUFTTipe(go_urxG{L7VzusaBn?lG|6u!+p@_zDk0o!_N<xpeC9MU)(c^=
zyCSZ8Cx~9&S8n}g-JzGk+iuVCea+;;&R0BNVb-PEcaFS5h28Tk_2gf=iN?I*?33=c
zeo*b#W_n+a>2{ll=>J89mu@kwTO{bXpK<QX^%n0}|B~nXoPO!}0>(m-kDqJ%({z`r
z8!E^xUVLs#UgvqiS2+#q=cVs^e~B@=I5|_|*W7K6>7V`HHdK`OB{+1;=}j{D-ML*+
zqxhI(o@IGQqR&D7vnn4w&P=wId$Drf#JB5yd1uL~zF*@rZ=&e5fX+Oxc{<bQtDEil
zU#*zyHoaisdXsd&`?K5r8w)@B_J6}o^=(nSKLu~)tk~!v?vOsK&Nh7Z?Hd=9A3tN*
iR3~%c>hpjlwQCdw!bSd{vkC5Bko`a5_Dn&wJEs9Oal$A7

diff --git a/machine/vps.nix b/machine/vps.nix
index ccd2f74..0d80f90 100644
--- a/machine/vps.nix
+++ b/machine/vps.nix
@@ -1,6 +1,6 @@
 { config, lib, pkgs, ... }:
 let
-  secrets = import ./secrets.nix;
+  secrets = import ../configs/secrets.nix;
 in
 {
   imports =
@@ -24,21 +24,22 @@ in
     useDHCP = false;
     interfaces.ens3.useDHCP = true;
     wireguard.interfaces = {
-    wg0 = {
-      ips = [ "10.100.0.1/24" ];
-      listenPort = 51820;
-      postSetup = ''
-        ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o ens3 -j MASQUERADE
-      '';
-      postShutdown = ''
-        ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o ens3 -j MASQUERADE
-      '';
-      privateKey = secrets.wireguard-vps-private;
-      peers = [{
-        publicKey = secrets.wireguard-desktop-public;
-        presharedKey = secrets.wireguard-preshared;
-        allowedIPs = [ "10.100.0.2/32" ];
-      }];
+      wg0 = {
+        ips = [ "10.100.0.1/24" ];
+        listenPort = 51820;
+        postSetup = ''
+          ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o ens3 -j MASQUERADE
+        '';
+        postShutdown = ''
+          ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o ens3 -j MASQUERADE
+        '';
+        privateKey = secrets.wireguard-vps-private;
+        peers = [{
+          publicKey = secrets.wireguard-desktop-public;
+          presharedKey = secrets.wireguard-preshared;
+          allowedIPs = [ "10.100.0.2/32" ];
+        }];
+      };
     };
 
     nat = {
@@ -127,4 +128,3 @@ in
 
   system.stateVersion = "21.05";
 }
-