Add raccoon peer to wireguard

It routes traffic from fox, apex and the compute nodes so that we can reach the git servers and tent. Reviewed-by: Aleix Boné <abonerib@bsc.es>
2025-09-25 15:01:33 +02:00
parent d49d078bed
commit 1f0cb4ae76
10 changed files with 76 additions and 1 deletions
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -4,6 +4,7 @@ let
  hut = [ keys.hosts.hut ] ++ adminsKeys;
  fox = [ keys.hosts.fox ] ++ adminsKeys;
  apex = [ keys.hosts.apex ] ++ adminsKeys;
+  raccoon = [ keys.hosts.raccoon ] ++ adminsKeys;
  mon = [ keys.hosts.hut keys.hosts.tent ] ++ adminsKeys;
  tent = [ keys.hosts.tent ] ++ adminsKeys;
  # Only expose ceph keys to safe nodes and admins
@@ -29,4 +30,5 @@ in

  "wg-fox.age".publicKeys = fox;
  "wg-apex.age".publicKeys = apex;
+  "wg-raccoon.age".publicKeys = raccoon;
 }
--- a/secrets/wg-raccoon.age
+++ b/secrets/wg-raccoon.age