Make wireguard trusted for easier testing and fix kipchoge timeserver

alexanderwallau · Apr 9, 2024 · eb8bf2b · eb8bf2b
1 parent 9abf479
commit eb8bf2b
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 5 deletions.
diff --git a/machines/kipchoge/configuration.nix b/machines/kipchoge/configuration.nix
@@ -137,10 +137,14 @@
       git
     ];
   networking = {
+    firewall.trustedInterfaces = ["wg0" "wg1" ];
     nameservers = [ "1.1.1.1" "1.0.0.1" ];
     # Fallback ntp service, this one being T-Online
-    timeServers = [ "194.25.134.196" ];
-    trustedInterfaces = ["wg0" "wg1" ];
+    ttimeServers = [
+      "ptbtime1.ptb.de"
+      "ptbtime2.ptb.de"
+      "ptbtime3.ptb.de"
+    ];
     hostName = "kipchoge";
   };
 }
diff --git a/machines/mayer/configuration.nix b/machines/mayer/configuration.nix
@@ -99,7 +99,10 @@
       interface = "ens3";
     };
 
-    firewall = { allowedTCPPorts = [ 443 80 9100 9115 ]; };
+    firewall = { 
+      allowedTCPPorts = [ 443 80 9100 9115 ]; 
+      trustedInterfaces = ["wg0" ];
+      };
     nameservers = [ "192.168.69.1" "1.1.1.1" ];
 
     # Fallback ntp service, this one being T-Online
@@ -108,7 +111,7 @@
       "ptbtime2.ptb.de"
       "ptbtime3.ptb.de"
     ];
-    trustedInterfaces = ["wg0" ];
+
     hostName = "mayer";
   };
 

diff --git a/machines/phelps/configuration.nix b/machines/phelps/configuration.nix
@@ -70,14 +70,14 @@
   networking = {
     firewall = {
       allowedTCPPorts = [ 443 80 ];
+      trustedInterfaces = [ "wg0" ];
     };
     nameservers = [ "192.168.69.1" "1.1.1.1" ];
     timeServers = [
       "ptbtime1.ptb.de"
       "ptbtime2.ptb.de"
       "ptbtime3.ptb.de"
     ];
-    trustedInterfaces = ["wg0"];
     hostName = "phelps";
   };
 }