summary refs log tree commit diff
path: root/modules
diff options
context:
space:
mode:
authorMel <mel@rnrd.eu>2026-04-24 03:10:11 +0200
committerMel <mel@rnrd.eu>2026-04-24 03:18:05 +0200
commitfa38ea010957a98e778c32b23a8f133b14afdef1 (patch)
tree2548538141908ceafa25c5f8ac7371d054b7bd87 /modules
parent97e935e0ff718cbec86605bf584a5660812bdce9 (diff)
downloadnetwork-fa38ea010957a98e778c32b23a8f133b14afdef1.tar.zst
network-fa38ea010957a98e778c32b23a8f133b14afdef1.zip
Give the VPN its final name 'Tunnel'
Signed-off-by: Mel <mel@rnrd.eu>
Diffstat (limited to 'modules')
-rw-r--r--modules/tunnel/definition.nix (renamed from modules/vpn/definition.nix)8
-rw-r--r--modules/tunnel/egress.nix (renamed from modules/vpn/egress.nix)0
-rw-r--r--modules/tunnel/ingress.nix (renamed from modules/vpn/ingress.nix)10
3 files changed, 9 insertions, 9 deletions
diff --git a/modules/vpn/definition.nix b/modules/tunnel/definition.nix
index 60ea5d0..74ae268 100644
--- a/modules/vpn/definition.nix
+++ b/modules/tunnel/definition.nix
@@ -1,4 +1,4 @@
-# definition of the network layout which supports our vpn
+# definition of the network layout which supports our tunnel
 # architecture.
 
 {
@@ -19,7 +19,7 @@
         short = "b20629b505f39194";
 
         public = "_837k5niQBE-qmgqpZalH3cS_fAIBwv8dwMoDW1uvgk";
-        keySecret = ../../secrets/vpn/egress-key-taupe.age;
+        keySecret = ../../secrets/tunnel/egress-key-taupe.age;
       };
     }
     {
@@ -31,7 +31,7 @@
         short = "8f7e9f8a3fa46bf0";
 
         public = "HvR4iP8URERpPBM4oG1Bjfw3mIfN0MoL2x6MHlt_TUM";
-        keySecret = ../../secrets/vpn/egress-key-taureau.age;
+        keySecret = ../../secrets/tunnel/egress-key-taureau.age;
       };
     }
   ];
@@ -70,6 +70,6 @@
   # the public key of the ingress interface.
   # when creating wireguard vpn configurations for the users, this
   # is the public key of the server peer at `tunnel.rnrd.eu`.
-  # the matching private key of the pair is the secret `vpn/ingress-key`.
+  # the matching private key of the pair is the secret `tunnel/ingress-key`.
   ingress.public = "s5yyPCJiN0uqW0jzKIbYCF7I9TthymiRzpNt466XeWk=";
 }
diff --git a/modules/vpn/egress.nix b/modules/tunnel/egress.nix
index 7858751..7858751 100644
--- a/modules/vpn/egress.nix
+++ b/modules/tunnel/egress.nix
diff --git a/modules/vpn/ingress.nix b/modules/tunnel/ingress.nix
index 6c6a78e..a1260c8 100644
--- a/modules/vpn/ingress.nix
+++ b/modules/tunnel/ingress.nix
@@ -23,8 +23,8 @@ let
     index: template: prefix:
     "${replaceString "X" (toString (index + 1)) template}/${toString prefix}";
 
-  ingressName = index: "vpn-ingress${toString index}";
-  egressName = "vpn-egress0";
+  ingressName = index: "tunnel-ingress${toString index}";
+  egressName = "tunnel-egress0";
   egressAddress = "10.123.255.1/16"; # /16 encompasses all possible subnet addresses
   egressMTU = 1400;
 
@@ -42,7 +42,7 @@ in
   };
 
   age.secrets.ingress-key = {
-    file = ../../secrets/vpn/ingress-key.age;
+    file = ../../secrets/tunnel/ingress-key.age;
     owner = "systemd-network";
   };
 
@@ -135,8 +135,8 @@ in
   # in this case, our communications crossing the borders are relying on vless.
   services.sing-box =
     let
-      inboundName = "vpn-in";
-      outboundName = egress: "vpn-out-${egress}";
+      inboundName = "tunnel-in";
+      outboundName = egress: "tunnel-out-${egress}";
     in
     {
       enable = true;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-04-25 12:30:05 +0000