# Tinc VPN settings shared by the client and the server test machines.
{ config, pkgs, lib, ... }:
let
  # Generated machine inventory; only the server's IPv4 address is read here.
  nixosMachines = import <test-generated/nixos-machines.nix>;

  # Both host entries below publish this one host file. That is consistent
  # with the single private key pair this shared module hands to every
  # machine that imports it.
  # NOTE(review): a shared key pair gives the nodes no individual identity,
  # so whoever holds it can act as any host. Acceptable for a test fixture
  # (presumably what test-assets is); outside of one, each node needs its
  # own key pair and host file.
  sharedHostFile = lib.fileContents <test-assets/tinc/server_host_file>;
in
{
  imports = [ <cluster-module> ];

  # Traffic arriving on a trusted interface is accepted by the firewall on
  # every port, so this name must match the VPN interface exactly.
  # NOTE(review): the network defined below is called "test"; confirm that
  # <cluster-module> really names its interface "tinc.private".
  networking.firewall.trustedInterfaces = [ "tinc.private" ];

  # Command for generating the key material:
  # nix-shell -p tinc_pre --run "tinc --config . generate-keys 4096"
  module.cluster.services.tinc.test = {
    networkSubnet = "10.123.142.0/24";

    extraConfig = ''
      LocalDiscovery = yes
    '';

    # toString turns each path into a plain string, so evaluating this file
    # does not copy the private keys into the Nix store. What the cluster
    # module does with the paths afterwards is not visible from here.
    privateRsaKeyFile = toString <test-assets/tinc/rsa_key>;
    privateEd25519KeyFile = toString <test-assets/tinc/ed25519_key>;

    # Only the server has a publicly reachable address.
    hosts.server = {
      tincIp = "10.123.142.1";
      realAddress = [ nixosMachines.nixserver-server.host.ipv4 ];
      publicKey = sharedHostFile;
    };

    # The client has no realAddress entry.
    hosts.sterni = {
      tincIp = "10.123.142.100";
      publicKey = sharedHostFile;
    };
  };
}