From b7ff5d4869d2c53a2735ae817d2b5a2efa01aa5e Mon Sep 17 00:00:00 2001
From: arnie <arnie@c3c.cz>
Date: Thu, 10 Jul 2025 10:45:06 +0200
Subject: [PATCH] Configure wireguard and ssh access for mac

---
 .authorized-keys/dingleberry        |  1 +
 .authorized-keys/lcech-mac-veracode |  1 +
 darwin/lcech-mac-veracode.nix       |  4 ++++
 home-manager/lcech-mac-veracode.nix | 35 +++++++++++++++++++++++++++++
 4 files changed, 41 insertions(+)
 create mode 100644 .authorized-keys/dingleberry
 create mode 100644 .authorized-keys/lcech-mac-veracode

diff --git a/.authorized-keys/dingleberry b/.authorized-keys/dingleberry
new file mode 100644
index 0000000..e6fecb4
--- /dev/null
+++ b/.authorized-keys/dingleberry
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKxA6m6fD1jch/HwkWBaaYyr0HPttzM0i1D+V2MtMmFK becky@dingleberry
diff --git a/.authorized-keys/lcech-mac-veracode b/.authorized-keys/lcech-mac-veracode
new file mode 100644
index 0000000..79fd404
--- /dev/null
+++ b/.authorized-keys/lcech-mac-veracode
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFOQaA7023StG5vSl0txUbAXmPdsIFeWHLDHXlT5yZp lcech@lcech-mac-veracode
diff --git a/darwin/lcech-mac-veracode.nix b/darwin/lcech-mac-veracode.nix
index 508549f..082b936 100644
--- a/darwin/lcech-mac-veracode.nix
+++ b/darwin/lcech-mac-veracode.nix
@@ -24,4 +24,8 @@
     "/Applications/zoom.us.app"
     "/System/Applications/Notes.app"
   ];
+
+  users.users.lcech.openssh.authorizedKeys.keys = [
+    "${builtins.readFile ../.authorized-keys/dingleberry}"
+  ];
 }
diff --git a/home-manager/lcech-mac-veracode.nix b/home-manager/lcech-mac-veracode.nix
index 437105d..dd53e86 100644
--- a/home-manager/lcech-mac-veracode.nix
+++ b/home-manager/lcech-mac-veracode.nix
@@ -53,6 +53,20 @@ in
       '';
     };
 
+    "${homedir}/.ssh/config" = {
+      text = ''
+        Include /Users/lcech/.colima/ssh_config
+
+        host git.c3c.cz
+                Port 5522
+
+        host dingleberry
+                User becky
+                Hostname 10.196.196.5
+                IdentityFile ~/.ssh/id_ed25519_access
+      '';
+    };
+
     "${homedir}/.hammerspoon/hmSpoons/C3CWorkspace.spoon" = {
       source = ./hammerspoon/C3CWorkspace.spoon;
       recursive = true;
@@ -158,6 +172,27 @@ in
 
     shellAliases = {
       hammerspoon-config = "open -a ${pkgs.hammerspoon}/Applications/Hammerspoon.app/Contents/MacOS/Hammerspoon";
+      get-key = "${pkgs.writeShellScript "get-key" ''
+        scp dingleberry:/self/hintihint/keys/sum.key ${homedir}/hw.key
+        read -p "waiting for confirmation to delete the key"
+        rm ${homedir}/hw.key
+      ''}";
+      wg-home = "${pkgs.writeShellScript "wg-home" ''
+        WG=$(sudo wg show)
+        if [[ "$WG" != "" ]]; then
+          if [[ $(echo "$WG" | grep endpoint | cut -c13-26) == "10.125.248.248" ]]; then
+            sudo wg-quick down /etc/wireguard/home.conf
+          else
+            sudo wg-quick down /etc/wireguard/home-remote.conf
+          fi
+        fi
+
+        if [[ $(dig +short myip.opendns.com @resolver1.opendns.com) == "185.142.210.84" ]]; then
+          sudo wg-quick up /etc/wireguard/home.conf
+        else
+          sudo wg-quick up /etc/wireguard/home-remote.conf
+        fi
+      ''}";
     };
 
     initContent = ''