Sigaint/vyos-config-ncl
2
0
Fork 0
mirror of https://github.com/sigaint-au/vyos-config-nsw02.git synced 2026-06-03 21:21:03 +00:00
Code Issues Projects Releases Packages Wiki Activity
NSW02 Configuration
28 commits 1 branch 0 tags 60 KiB
  • Shell 100%
Find a file
Exact
Mark Hahl 99fa728b46 update certificates
2025-12-29 19:50:59 +11:00
config-parts update decrpytion scripts 2025-12-29 19:43:50 +11:00
hosts fix domain 2025-04-18 14:22:04 +10:00
scripts update certificates 2025-12-29 19:50:59 +11:00
secrets update certificates 2025-12-29 19:50:59 +11:00
.gitignore update decrpytion scripts 2025-12-29 19:43:50 +11:00
apply-config.sh update decrpytion scripts 2025-12-29 19:43:50 +11:00
README.md initial commit 2025-04-18 13:08:39 +10:00

README.md

VyOS Configuration

Manage your VyOS device configuration.

Setup

Getting the code

Clone the code onto your vyos machine into the '/'

Secrets

Secrets are stored in the secrets/* directory are are gpg encrypted. The file looks like the following example:

# interface wireguard
export secret_wireguard_wg600_private_key="NGZiMmJlMDAtZDQ2OS0xMWVmLWExYTItODRhOTNlNzM0ODI3Cg=="
export secret_wireguard_wg600_public_key="NTRmYjE1OGMtZDQ2OS0xMWVmLWExYTItODRhOTNlNzM0ODI3Cg=="
export secret_dns_dynamic_cloudflare_password="5e11dbdd-d469-11ef-a1a2-84a93e734827"

These export the secrets are environment variables are are substuted into any lines in the config-parts/*.sh files. To use a secret in an interface for wireguard you might have the following configuration:

set interfaces wireguard wg600 peer Site__ABC public-key "$secret_wireguard_wg600_public_key"
set interfaces wireguard wg600 private-key "$secret_wireguard_wg600_private_key"