VPN updates

hosts/hurricane/vpn.nix

@@ -1,6 +1,6 @@
 {
   networking.wg-quick.interfaces = {
-    wg-felix = {
+    wg-felix-hurricane = {
       address = ["10.8.0.4/24"];
       dns = ["192.168.0.128"];
       privateKeyFile = "/home/schulze/Nextcloud/secrets/wireguard/Felix-Hurricane-pk";
@@ -16,20 +16,20 @@
       ];
     };
 
-    wg-csb = {
+    wg-csb-hurricane = {
       address = ["192.168.108.17/22" "2a02:9a0:102:108::17/64"];
       privateKeyFile = "/home/schulze/Nextcloud/secrets/wireguard/CSB-Hurricane-pk";
       peers = [
         {
           publicKey = "mTORKHkPcp9+c7VXqVfVseIOQZuJftoUYA0pBe87bDQ=";
-          allowedIPs = ["172.18.0.0/16" "192.168.3.0/24" "192.168.108.0/22" "2a02:9a0:102:108::/64" "2a02:9a0:ffff::/48"];
+          allowedIPs = ["10.0.0.0/8" "172.18.0.0/16" "192.168.3.0/24" "192.168.10.0/24" "192.168.108.0/22" "2a02:9a0:102:108::/64" "2a02:9a0:ffff::/48"];
           endpoint = "prod-net-vpn1.infra.brainmill.com:51819";
           persistentKeepalive = 25;
         }
       ];
     };
 
-    wg-fg = {
+    wg-fg-hurricane = {
       address = ["10.255.11.11/24" "2a02:9a0:300:fff0:11::11/64"];
       privateKeyFile = "/home/schulze/Nextcloud/secrets/wireguard/FG-Hurricane-pk";
       peers = [
@@ -42,7 +42,7 @@
       ];
     };
 
-    wg-neanet = {
+    wg-neanet-hurricane = {
       address = ["192.168.108.25/32" "2a09:2681:204:1::27/64"];
       privateKeyFile = "/home/schulze/Nextcloud/secrets/wireguard/Neanet-Hurricane-pk";
       peers = [

hosts/wildfire/vpn.nix

@@ -1,6 +1,6 @@
 {
   networking.wg-quick.interfaces = {
-    wg-felix = {
+    wg-felix-wildfire = {
       address = ["10.8.0.5/24"];
       dns = ["192.168.0.128"];
       privateKeyFile = "/home/schulze/Nextcloud/secrets/wireguard/Felix-Wildfire-pk";
@@ -15,20 +15,20 @@
       ];
     };
 
-    wg-csb = {
+    wg-csb-wildfire = {
       address = ["192.168.108.27/22" "2a02:9a0:102:108::b/64"];
       privateKeyFile = "/home/schulze/Nextcloud/secrets/wireguard/CSB-Wildfire-pk";
       peers = [
         {
           publicKey = "mTORKHkPcp9+c7VXqVfVseIOQZuJftoUYA0pBe87bDQ=";
-          allowedIPs = ["172.18.0.0/16" "192.168.3.0/24" "192.168.108.0/22" "2a02:9a0:102:108::/64" "2a02:9a0:ffff::/48"];
+          allowedIPs = ["10.0.0.0/8" "172.18.0.0/16" "192.168.3.0/24" "192.168.10.0/24" "192.168.108.0/22" "2a02:9a0:102:108::/64" "2a02:9a0:ffff::/48"];
           endpoint = "prod-net-vpn1.infra.brainmill.com:51819";
           persistentKeepalive = 25;
         }
       ];
     };
 
-    #    wg-fg = {
+    #    wg-fg-wildfire = {
     #      address = ["10.255.11.11/24" "2a02:9a0:300:fff0:11::11/64"];
     #      privateKeyFile = "/home/schulze/Nextcloud/secrets/wireguard/FG-Wildfire-pk";
     #      peers = [
@@ -41,7 +41,7 @@
     #      ];
     #    };
     #
-    #    wg-neanet = {
+    #    wg-neanet-wildfire = {
     #      address = ["192.168.108.25/32" "2a09:2681:204:1::27/64"];
     #      privateKeyFile = "/home/schulze/Nextcloud/secrets/wireguard/Neanet-Wildfire-pk";
     #      peers = [

modules/hm/ssh.nix

@@ -7,18 +7,23 @@
     matchBlocks = {
       "d10.csb.brainmill.com" = {
         forwardAgent = true;
+        port = 22;
       };
       "prod-admin-jump1.infra.csbnet.se" = {
         forwardAgent = true;
+        port = 22;
       };
       "prod-jump-got1.infra.brainmill.com" = {
         forwardAgent = true;
+        port = 22;
       };
       "gw1.net.chsfg.se" = {
         forwardAgent = true;
+        hostname = "2a02:9a0:fffe:4::3";
       };
       "gw2.net.chsfg.se" = {
         forwardAgent = true;
+        hostname = "2a02:9a0:fffe:4::5";
       };
       "cv11-stor-gw.net.chsfg.se" = {
         proxyCommand = "ssh prod-admin-jump1.infra.csbnet.se /bin/nc %h 22";