oignon: wireguard: remove in favor of nebula

diff --git a/hosts/oignon.nix b/hosts/oignon.nix
index 50e5711cb4cf9ccb04ed9b23155e5b7a105539fa..85321c00aec049e62ddd85bad4573449a2604bd1 100644 (file)
--- a/hosts/oignon.nix
+++ b/hosts/oignon.nix
@@ -14,7 +14,6 @@
     oignon/hardware.nix
     oignon/nebula.nix
     oignon/networking.nix
-    oignon/wireguard.nix
   ];
 
   # Lower kernel's security for better performances

diff --git a/hosts/oignon/networking.nix b/hosts/oignon/networking.nix
index 0df3daaacf1899149b53ff2bad08383453b7c330..5968687eeae51386046bd4c1e0f1383a7438464e 100644 (file)
--- a/hosts/oignon/networking.nix
+++ b/hosts/oignon/networking.nix
@@ -2,7 +2,6 @@
 {
   imports = [
     ../../nixos/profiles/dnscrypt-proxy2.nix
-    ../../nixos/profiles/wireguard/wg-intra.nix
     ../../nixos/profiles/networking/ssh.nix
     ../../nixos/profiles/networking/wifi.nix
     #../../nixos/profiles/openvpn/calyx.nix

diff --git a/hosts/oignon/networking/nftables.nix b/hosts/oignon/networking/nftables.nix
index 1ec0a97b763588edfdc21b237ee2434305270921..829dc1788dd6774cf04b894fba8bc0b42431529d 100644 (file)
--- a/hosts/oignon/networking/nftables.nix
+++ b/hosts/oignon/networking/nftables.nix
@@ -16,12 +16,6 @@ in
     '';
     ruleset = ''
       table inet filter {
-        chain input-intra {
-          tcp dport { ssh, 2222 } counter accept comment "SSH"
-          udp dport 60001-60010 counter accept comment "Mosh"
-          #tcp dport 4713 counter accept comment "pulseaudio"
-          tcp dport 5201 counter accept comment "iperf"
-        }
         chain input-net {
         }
 
@@ -33,14 +27,6 @@ in
           tcp dport { 4444, 5555 } counter accept
           tcp dport 5201 counter accept comment "iperf"
         }
-        chain output-intra {
-          tcp dport { ssh, 2222 } counter accept comment "SSH"
-          udp dport 60001-60100 counter accept comment "Mosh"
-          tcp dport { http, https } counter accept comment "HTTP"
-          tcp dport git counter accept comment "Git"
-          tcp dport 5201 counter accept comment "iperf"
-          ip daddr losurdo.wg tcp dport 9091 counter accept comment "transmission"
-        }
         chain output-net {
           tcp dport { ssh, 2222, 20022 } counter accept comment "SSH"
           udp dport 60001-60100 counter accept comment "Mosh"

diff --git a/hosts/oignon/wireguard.nix b/hosts/oignon/wireguard.nix
deleted file mode 100644 (file)
index fef5a84..0000000
--- a/hosts/oignon/wireguard.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-_:
-{
-  systemd.services."wireguard-wg-intra".serviceConfig.LoadCredentialEncrypted = [
-    "privateKey:${./wireguard/wg-intra/privateKey.cred}"
-  ];
-  networking.wireguard.wg-intra.peers = {
-    mermet.enable = true;
-    losurdo.enable = true;
-    patate.enable = true;
-    aubergine.enable = true;
-  };
-}

diff --git a/hosts/oignon/wireguard/wg-intra/privateKey.cred b/hosts/oignon/wireguard/wg-intra/privateKey.cred
deleted file mode 100644 (file)
index 018f4d4..0000000
Binary files a/hosts/oignon/wireguard/wg-intra/privateKey.cred and /dev/null differ

diff --git a/hosts/oignon/wireguard/wg-intra/privateKey.gpg b/hosts/oignon/wireguard/wg-intra/privateKey.gpg
deleted file mode 100644 (file)
index ebe9894..0000000
Binary files a/hosts/oignon/wireguard/wg-intra/privateKey.gpg and /dev/null differ