use cat for injecting nix-sops secrets in chezmoi and readd configs for bulwark and adjudicator

home/.chezmoi.yaml

@@ -0,0 +1,2 @@
+secret:
+  command: "cat"

home/private_dot_wireguardd/adjudicator.conf.tmpl

@@ -0,0 +1,11 @@
+[Interface]
+# your own IP on the wireguard network
+Address = 192.168.3.2/24
+PrivateKey = {{ (secret "/run/secrets/wireguard/adjudicator") }}
+
+[Peer]
+PublicKey = bd7bbZOngl/FTdBlnbIhgCLNf6yx5X8WjiRB7E1NEQQ=
+# restrict this to the wireguard subnet if you don't want to route everything to the tunnel
+AllowedIPs = 0.0.0.0/0, ::/0
+# ip and port of the peer
+Endpoint = 66.218.43.87:51820

home/private_dot_wireguardd/bulwark.conf.tmpl

@@ -0,0 +1,11 @@
+[Interface]
+# your own IP on the wireguard network
+Address = 192.168.3.4/24
+PrivateKey = {{ (secret "/run/secrets/wireguard/bulwark") }}
+
+[Peer]
+PublicKey = bd7bbZOngl/FTdBlnbIhgCLNf6yx5X8WjiRB7E1NEQQ=
+# restrict this to the wireguard subnet if you don't want to route everything to the tunnel
+AllowedIPs = 0.0.0.0/0, ::/0
+# ip and port of the peer
+Endpoint = 66.218.43.87:51820