2 files changed, 2 insertions(+), 25 deletions(-)

M secrets/proxy/secrets.yaml
M systems/hosts/proxy/default.nix

@@ 1,7 1,5 @@
 rootPwd: ENC[AES256_GCM,data:qoKUOPPB4uuK8Wykn+OI+DZdFg/IQOO354MiQUzwWeP8FEGJzY75lHPOB/fGXq9OqjmAHoFQLRa8XjNaHmpGBQpU2v737z+w3I4fHLA4fBOtDykFTKqCXXL5yccj1LKRmZ+yewvU18LAag==,iv:XhFEFxYrhCXqb01xzIoPEYfhwcZaQ+TOABgpLh+kI4E=,tag:qZSp+UAlGaIWjR377nRJxA==,type:str]
 liljamoPwd: ENC[AES256_GCM,data:xdTpyxoELOTVxSqkKiR62fVsykfhpKLAfBsJKzILkNbCiPLSHKpGl/VWO5+nxv+eM8UNIMSDjf5P55BRfKc+b/1IPrkY65Va33KIcJGlvE+e9wkCdDiBcCLj3v9+Q1kIjPtptsBMm1o1DQ==,iv:Ay0JWUBH+hrnSubaaJFlqvYYLz3+fAizaR92O2J1NBw=,tag:doaRHFx68JO5zEygrCyOAg==,type:str]
-wg1PrivateKey: ENC[AES256_GCM,data:XdWjyy3yNkkY1prXmhQ+pJkMzl67HCvo0Niy8WhslsNVsykHOpz4FvgighI=,iv:TUYEu46Ee91V2Ahu+MM/li7q8Sl5yM0u2ZU9nasto2Q=,tag:ylpq8QHFjLuuwZ5Xp02DCg==,type:str]
-wg1PresharedKey: ENC[AES256_GCM,data:Nj9sCxDahq6jOo3dMyWGWhebjL7dwqTrGhNG3dbNQJ+AJNhjvqrnbZMCSG0=,iv:s2GldprFLFP3A10X+q2KqHZhiUSLCoagDOcAbq6TXgM=,tag:MdrLpXu9aDfHwiFuZIU3JQ==,type:str]
 wg0PrivateKey: ENC[AES256_GCM,data:0GXueiosfoS0MUVpvL7Pb3qXhVoLchC2ZgelQ64MRWnQhiawMZp3JJ24Elc=,iv:wwcbySleh/ST/Dm1qBYe9dHjC573LslkFdReyZj1K6w=,tag:d6c59m4QPBMlZtFP+toFAw==,type:str]
 wg0PresharedKey: ENC[AES256_GCM,data:isNyNSjJwpvWpCBCE19PE+VL/pqD6K5ho5TPPNCEdizAjxBDBFdWUlRTnaY=,iv:twOcys1cliE5hV8cUGqYh+EPOOiyvmnsbKbsWUZgZsY=,tag:H5G9Rh+OI/SWSPoGLCEciQ==,type:str]
 sops:


@@ 19,8 17,8 @@ sops:
             L1ZCL0FpRnh6d0VldjAvOTlLb0tjUXcKMrvDltAuOVNF7w4CDot4wuRsLzlsgoDG
             DZj/utJB/2lbNn+1dlIcAGPG9QYR7peoI3vooer+FWA2bX2JvUnifA==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-09-14T08:15:50Z"
-    mac: ENC[AES256_GCM,data:bCWFrubXi+p/p0QzCEUNANU2hdHpmAdvNafyWG7Gq8RBnMnArAIdLr+gicUy1f5FB32O5ffSh1wkBKJVjGVJoMOiusJhpJfvEC8apLY1ApB/6LqkDeqtyRlZOy+1AR5W2GUG0JFr9bYM4VLINPjsvLqcIlxzo1cYCYYJ/8cMyTc=,iv:Ffez5U/2pgpC1nFDI0Ouz5DZNQ+lytDlGOAnoRbGPtM=,tag:znUXYZxfbSzKHLREcvo1KA==,type:str]
+    lastmodified: "2024-10-03T07:09:21Z"
+    mac: ENC[AES256_GCM,data:bc7/QJxVYpZZ/pd8MmI7uU/XUeSG0Km6hTDs31RU/1PaW3qUEU28jAxP8hzihxBpmjJ9/auWFLJ45R4zV3K+xoO2Dda9KlXlh+hmAnxr43czLpNDsAinbAkDoHjczJCTUSb6DKbkALVlzCVPtGIHtEb9eC4zZI+XtMhXczrbKkE=,iv:JguBTpSnMlm793at7Qwvd/M89KJ9xTkrCpulRpX/VOU=,tag:qDPSU83aTr8Op5FSNhZo+Q==,type:str]
     pgp:
         - created_at: "2024-09-14T08:14:09Z"
           enc: |-

@@ 5,32 5,11 @@
 }: let
   promtailPort = 3100;
 in {
-  sops.secrets.wg1PrivateKey = {};
-  sops.secrets.wg1PresharedKey = {};
   sops.secrets.wg0PrivateKey = {};
   sops.secrets.wg0PresharedKey = {};
 
   networking.firewall.interfaces."eth0".allowedTCPPorts = [443 promtailPort 8404];
   networking.firewall.interfaces."wg0".allowedTCPPorts = [80];
-  networking.firewall.interfaces."wg1".allowedTCPPorts = [80 5522];
-  # TODO: Remove wg1
-  networking.wg-quick = {
-    interfaces.wg1 = {
-      privateKeyFile = config.sops.secrets.wg1PrivateKey.path;
-      address = ["192.168.2.10"];
-      listenPort = 21841;
-
-      peers = [
-        {
-          publicKey = "uvdeJAsxUf/bEREwCaFDHg9rO1xxC3Wzu1d2x+WiNEQ=";
-          presharedKeyFile = config.sops.secrets.wg1PresharedKey.path;
-          endpoint = "140.238.216.88:51820";
-          allowedIPs = ["192.168.2.0/24"];
-          persistentKeepalive = 25;
-        }
-      ];
-    };
-  };
   networking.wireguard.interfaces."wg0" = {
     ips = ["10.100.0.10/24"];
     listenPort = 51820;