From 803602949b041dc39cc2b96a97e223707ac67fad Mon Sep 17 00:00:00 2001 From: Lillian-Violet Date: Thu, 8 Jan 2026 16:19:45 +0100 Subject: [PATCH] update mullvad setup on wheatley --- nixos/hosts/wheatley/configuration.nix | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/nixos/hosts/wheatley/configuration.nix b/nixos/hosts/wheatley/configuration.nix index 6572219..cce2cc3 100644 --- a/nixos/hosts/wheatley/configuration.nix +++ b/nixos/hosts/wheatley/configuration.nix @@ -170,23 +170,25 @@ pkgs.stubby.passthru.settingsExample // { upstream_recursive_servers = [ + # kdig -d @194.242.2.4 +tls-ca +tls-host=base.dns.mullvad.net example.com { address_data = "192.242.2.4"; tls_auth_name = "base.dns.mullvad.net"; tls_pubkey_pinset = [ { digest = "sha256"; - value = "g8bfYNSxU86c8odFPsdTvWnC2VZkxIiHLZ2a6pydEjI="; + value = "vRABi3U719mJG1E/XyyrJ+3K43XdmJB+XuzaKESPRSs="; } ]; } + # kdig -d @2a07:e340::4 +tls-ca +tls-host=base.dns.mullvad.net example.com { address_data = "2a07:e340::4"; tls_auth_name = "base.dns.mullvad.net"; tls_pubkey_pinset = [ { digest = "sha256"; - value = "g8bfYNSxU86c8odFPsdTvWnC2VZkxIiHLZ2a6pydEjI="; + value = "1ABYdzvvAq7Ec7+Wl5KrRcgPeXsIGLBU7I+89u94bcw="; } ]; } @@ -249,7 +251,7 @@ # wg public key for host: A02sO7uLdgflhPIRd0cbJONIaPP4z8HTxDkmX4NegFg= # TODO: generate this dynamically based on other hosts wg0 = { - address = ["10.70.93.226/32" "fc00:bbbb:bbbb:bb01::7:5de1/128"]; + address = ["10.73.141.73/32" "fc00:bbbb:bbbb:bb01::a:8d48/128"]; privateKeyFile = lib.mkForce config.sops.secrets."wg-private-key".path; dns = ["100.64.0.7"]; extraOptions = { @@ -274,7 +276,7 @@ { publicKey = "/wPQafVa/60OIp8KqhC1xTTG+nQXZF17uo8XfdUnz2E="; allowedIPs = ["0.0.0.0/0" "::0/0"]; - endpoint = "31.171.154.50:51820"; + endpoint = "193.32.249.70:51820"; } ]; };