From 3089d2bdb4d3ce7271ad0eac1ace94ad220d772b Mon Sep 17 00:00:00 2001
From: Felix Schulze <admin@schulze.network>
Date: Thu, 26 Jun 2025 16:44:41 +0200
Subject: [PATCH] hurricane: 77 current  2025-06-26 16:44:16 
 25.05.20250620.b2485d5     6.15.3                          *

VPN prefix simplification
---
 hosts/hurricane/vpn.nix | 5 ++---
 hosts/wildfire/vpn.nix  | 4 ++--
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/hosts/hurricane/vpn.nix b/hosts/hurricane/vpn.nix
index 6aa5df3..945dcee 100644
--- a/hosts/hurricane/vpn.nix
+++ b/hosts/hurricane/vpn.nix
@@ -22,13 +22,12 @@
       peers = [
         {
           publicKey = "mTORKHkPcp9+c7VXqVfVseIOQZuJftoUYA0pBe87bDQ=";
-          allowedIPs = ["172.18.0.0/16" "192.168.3.0/24" "192.168.108.0/22" "2a02:9a0:102:108::/64" "2a02:9a0:ffff::/48"];
+          allowedIPs = ["95.80.0.0/18" "45.134.56.0/22" "172.18.0.0/16" "192.168.3.0/24" "192.168.108.0/22" "2a02:9a0::/32"];
           endpoint = "prod-net-vpn1.infra.brainmill.com:51819";
           persistentKeepalive = 25;
         }
       ];
     };
-
     wg-fg = {
       address = ["10.255.11.11/24" "2a02:9a0:300:fff0:11::11/64"];
       privateKeyFile = "/home/schulze/Nextcloud/secrets/wireguard/FG-Hurricane-pk";
@@ -48,7 +47,7 @@
       peers = [
         {
           publicKey = "nz1m0crkdarW7y+/p6hKCGncMVHlVhbz0URA6Z71RmM=";
-          allowedIPs = ["2a09:2681:204:1::/64" "2a09:2681:ffff:13::/64" "2a09:2681:ffff:14::/64" "2a09:2681:ffff:15::/64" "2a09:2681:ffff:16::/64" "172.18.255.0/24"];
+          allowedIPs = ["185.239.220.0/22" "172.18.255.0/24" "2a09:2681::/32"];
           endpoint = "prod-jump-got1.infra.brainmill.com:51820";
           persistentKeepalive = 25;
         }
diff --git a/hosts/wildfire/vpn.nix b/hosts/wildfire/vpn.nix
index b7873ad..087c0fe 100644
--- a/hosts/wildfire/vpn.nix
+++ b/hosts/wildfire/vpn.nix
@@ -21,7 +21,7 @@
       peers = [
         {
           publicKey = "mTORKHkPcp9+c7VXqVfVseIOQZuJftoUYA0pBe87bDQ=";
-          allowedIPs = ["172.18.0.0/16" "192.168.3.0/24" "192.168.108.0/22" "2a02:9a0:102:108::/64" "2a02:9a0:ffff::/48"];
+          allowedIPs = ["95.80.0.0/18" "45.134.56.0/22" "172.18.0.0/16" "192.168.3.0/24" "192.168.108.0/22" "2a02:9a0::/32"];
           endpoint = "prod-net-vpn1.infra.brainmill.com:51819";
           persistentKeepalive = 25;
         }
@@ -47,7 +47,7 @@
     #      peers = [
     #        {
     #          publicKey = "nz1m0crkdarW7y+/p6hKCGncMVHlVhbz0URA6Z71RmM=";
-    #          allowedIPs = ["2a09:2681:204:1::/64" "2a09:2681:ffff:13::/64" "2a09:2681:ffff:14::/64" "2a09:2681:ffff:15::/64" "2a09:2681:ffff:16::/64" "172.18.255.0/24"];
+    #          allowedIPs = ["185.239.220.0/22" "172.18.255.0/24" "2a09:2681::/32"];
     #          endpoint = "prod-jump-got1.infra.brainmill.com:51820";
     #          persistentKeepalive = 25;
     #        }