osprey wireguard setup

provision/hosts/osprey/configuration.nix

@@ -39,13 +39,13 @@
     system = {
       ssh.enable = true;
       terminal.enable = true;
-      #wireguard-client = {
-      #  enable = true;
-      #  privateKeyFile = "/run/agenix/wireguard/kestrel";
-      #  address = [ "192.168.3.3/24" ];
-      #  publicKey = "bd7bbZOngl/FTdBlnbIhgCLNf6yx5X8WjiRB7E1NEQQ=";
-      #  endpoint = "66.218.43.87";
-      #};
+      wireguard-client = {
+        enable = true;
+        privateKeyFile = "/run/agenix/wireguard/osprey";
+        address = [ "192.168.3.3/24" ];
+        publicKey = "bd7bbZOngl/FTdBlnbIhgCLNf6yx5X8WjiRB7E1NEQQ=";
+        endpoint = "66.218.43.87";
+      };
     };
   };
 }

provision/hosts/torus/wireguard-server.nix

@@ -57,6 +57,11 @@
           publicKey = "CDoy/XI8FRQV/ySHigLWG2tpWVw8hgEZXRQCEE3qYHQ=";
           allowedIPs = [ "192.168.3.4/32" ];
         }
+        {
+          # Osprey 
+          publicKey = "xOn/GB4iK27f8oTrITodNNPIk6I4l34Fsde6i97aFR0=";
+          allowedIPs = [ "192.168.3.5/32" ];
+        }
         # More peers can be added here.
       ];
     };

provision/secrets/secrets.nix

@@ -16,6 +16,7 @@ in
   "wireguard/kestrel.age".publicKeys = users ++ systems;
   "wireguard/torus.age".publicKeys = systems;
   "wireguard/bulwark.age".publicKeys = systems;
+  "wireguard/osprey.age".publicKeys = [ tstarr_osprey ] ++ systems;
   "git/gitea-runner-1.age".publicKeys = systems;
   "nextcloud/password.age".publicKeys = systems;
   "ssh/kestrel/id_ed25519.age".publicKeys = [ tstarr_kestrel ] ++ systems;