Skip to content
Permalink
Branch: master
Commits on May 15, 2019
  1. feat(vpn): allow clients to connect to VPN

    thoferon committed May 15, 2019
    Other machines (e.g. developers' laptops) can use the VPN to connect to
    the different nodes in the cluster or even to route traffic through the
    VPN. Any server in the cluster acts as a NAT router.
    
    NixOS configuration for the clients can be found in test.nix.
Commits on May 12, 2019
  1. feat(secret): new NixOS module for sharing secrets

    thoferon committed May 12, 2019
    Shared files are served via HTTP and encrypted with a preshared secret
    key. Remote files are fetched only if they are not already present.
    
    It is used to share Wireguard's public keys of the nodes with each
    other. For more sensitive data, future work should allow for asymmetric
    encryptions, the public keys being initially shared with this symmetric
    scheme.
    
    Options in the module are available to make it serve some files only
    within the VPN. This must remain the default setting.
You can’t perform that action at this time.