tinc: fix last issues with insecure net on porani

configs/porani/syncthing.nix

@@ -1,4 +1,7 @@
 { config, pkgs, lib, ... }: {
+
+  networking.firewall.interfaces."tinc.insecure".allowedTCPPorts = [ 8384 ];
+
   custom.samba-share = {
     enable = true;
     folders = {
@@ -10,6 +13,7 @@
   };
 
   test.services.syncthing = {
+    guiAddress = lib.mkForce "${config.networking.hostName}.insecure:8384";
     enable = true;
     openDefaultPorts = true;
     declarative = {

configs/porani/tinc.nix

@@ -1,11 +1,11 @@
 { config, lib, pkgs, ... }: {
 
   module.cluster.services.tinc = {
-    "private" = {
+    #"private" = {
-      enable = true;
+    #  enable = true;
-      openPort = true;
+    #  openPort = true;
-      connectTo = [ "sputnik" ];
+    #  connectTo = [ "sputnik" ];
-    };
+    #};
     "insecure" = {
       enable = true;
       openPort = true;

system/desktop/home-manager/ssh.nix

@@ -15,6 +15,11 @@ with lib; {
         identitiesOnly = true;
         user = "root";
       };
+      "*.insecure" = {
+        identityFile = "~/.ssh/card_rsa.pub";
+        identitiesOnly = true;
+        user = "root";
+      };
       "*.private" = {
         identityFile = "~/.ssh/card_rsa.pub";
         identitiesOnly = true;