2026-05-09 00:13:37 +00:00
3 changed files with 43 additions and 74 deletions
--- a/hosts/lazyworkhorse/configuration.nix
+++ b/hosts/lazyworkhorse/configuration.nix
@@ -50,9 +50,9 @@
  networking.hostId = "deadbeef";

  # WireGuard VPN client -- always up, connects to wg-easy server
-  # Before deploying, create age-encrypted secrets:
-  #   echo -n "IOWDh8tH19DGphAkEr46zN0pRl61tmbAynrMkaFo30M=" | agenix -e secrets/wireguard_private_key.age
-  #   echo -n "TIE9hcyOESofAiyJ1Md4CcPruTRXG63rItV9rmV3UDk=" | agenix -e secrets/wireguard_preshared_key.age
+  # Create age-encrypted secrets before deploying (run on the host):
+  #   echo -n "<private_key>" | agenix -e secrets/wireguard_private_key.age
+  #   echo -n "<preshared_key>" | agenix -e secrets/wireguard_preshared_key.age
  networking.wireguard.interfaces = {
    wg0 = {
      ips = [ "10.8.0.3/24" ];