Use IPv6 for WG transport to decrease latency by 20%

Signed-off-by: Egor Savkin <es@m-labs.hk>

nixbld-etc-nixos/configuration.nix

@@ -1174,7 +1174,6 @@ in
     enable = true;
     package = pkgs.callPackage ./flarum {};
     domain = "forum.m-labs.hk";
-    createDatabaseLocally = true;
   };
 
   services.rt = {

nixops/common-users.nix

@@ -111,6 +111,27 @@
       "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBK1tUg7TtceARRnGI80Ai5kNFolFfZ++LH9v1UoRCiJdxeQWPdNYO0Gj7+ejJvgZXwvN4yHGgcZHraEml4Mj/dKrEMFygfuYLDRmXtPFwX6TNMrWlxMhPzuNY+yCaxlqYg=="
     ];
   };
+  architeuthis = {
+    isNormalUser = true;
+    extraGroups = ["plugdev" "dialout"];
+    openssh.authorizedKeys.keys = [
+      "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBMhLPEGWDUauFHjiVduBMJrIMKT8SvtTDHXDVudUZrhewQy08h4NEEyWmczP4WMeyugI/L/a+J+Vc8mImgqSoHw52823LVcnR9EKnJoqnwAHU/J+41vIWAN2LAryd4p9yg=="
+    ];
+  };
+  abdul = {
+    isNormalUser = true;
+    extraGroups = ["plugdev" "dialout"];
+    openssh.authorizedKeys.keys = [
+      "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBONzKWn65erPM2xBCe9Dcw8dHRQCJmvzwhX72iHE1xVlAr7UcB1PMOjEB25MFfV/kCIFS5UB5wuoPvq+/oZ3EXiFjmQtsb669KN6MkZNyDqP5Y2W8gR1wVa/ZLfH4HynHg=="
+    ];
+  };
+  lyken = {
+    isNormalUser = true;
+    extraGroups = ["plugdev" "dialout"];
+    openssh.authorizedKeys.keys = [
+      "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBJ88QJlh/+F/xwXQlPEmQVmtycb8FfabxCdeiP3gTHUCV8y4PLh3ubY+EsY+Xhy/GlOAPdX7KSpiII3dndYfwZWzorXVoPBhhPKEIumFBOinWfp5kRVzWOD61gCwsYoVBg=="
+    ];
+  };
 
   dpn = {
     isNormalUser = true;

remote-ipsec.txt

@@ -1,49 +0,0 @@
-connections {
-  bypass-ipsec {
-    remote_addrs = 127.0.0.1
-    children {
-      bypass-isakmp-v4 {
-        local_ts = 0.0.0.0/0[udp/isakmp]
-        remote_ts = 0.0.0.0/0[udp/isakmp]
-        mode = pass
-        start_action = trap
-      }
-      bypass-isakmp-v6 {
-        local_ts = ::/0[udp/isakmp]
-        remote_ts = ::/0[udp/isakmp]
-        mode = pass
-        start_action = trap
-      }
-    }
-  }
-  m_labs {
-    version = 2
-    encap = no
-    mobike = no
-    send_certreq = no
-    proposals = aes128gcm128-sha256-prfsha256-curve25519,aes128gcm128-sha256-prfsha256-ecp256
-    local_addrs = 103.206.98.1
-    remote_addrs = 94.190.212.123
-    local {
-      auth = pubkey
-      id = fqdn:igw0.hkg.as150788.net
-      pubkeys = igw0.hkg.as150788.net
-    }
-    remote {
-      auth = pubkey
-      id = fqdn:m-labs.hk
-      pubkeys = m-labs.hk
-    }
-    children {
-      con1 {
-        mode = transport
-        ah_proposals = sha256-curve25519,sha256-ecp256
-        esp_proposals =
-        local_ts = 103.206.98.1[gre]
-        remote_ts = 94.190.212.123[gre]
-        start_action = none
-        close_action = none
-      }
-    }
-  }
-}