docs: update the READMEs

README.adoc

@@ -138,7 +138,7 @@ There's no use for anyone else, really. :(
 === What should not be here?
 
 Despite being a NixOS configuration, this is not meant to be fully reproducible by anyone.
-There are still some things that would need to be privately held such as the following list of things not visible here.
+There are still some things that would need to be privately held as indicated by the following list.
 
 - Associated private keys: GPG, SSH, age, you name it.
 They are used with a secret management tool (see <<secrets-management>> for more information) to encrypt the more sensitive parts of the system such as credentials and environment files.
@@ -150,8 +150,7 @@ Though the unreproducible part is only like 10% of the whole configuration, it c
 Keep in mind, it comes with a few restrictions due to the lack of the appropriate credentials.
 
 - Certain tasks will not start.
-Most of the project tasks found in this repo requires the associated private key with the task which are not found in this repo.
+Most of the project tasks found in this repo requires the associated private key with the task.
-This is locked behind a secrets management tool.
 An example would be the link:./modules/nixos/tasks/backup-archive[Borg backup task] where it needs several files and credentials locked from the secrets management tool.
 
 - Certain components will be missing.

hosts/plover/README.adoc

@@ -10,7 +10,10 @@ This configuration is expected to be deployed in a Google Compute instance.
 It has a reasonable set of assumptions to keep in mind when modifying this configuration:
 
 - Most of the defaults are left to the link:https://github.com/NixOS/nixpkgs/tree/f92201f46109aabbbf41b8dc24bb9d342eb93a35/nixos/modules/virtualisation[image profiles from nixpkgs] including networking options and filesystems.
+Though, they should be handled on link:./modules/hardware[`./modules/hardware`].
+
 - No additional storage drives.
+
 - At least 32 GB of space is assumed.
 
 Some of the self-hosted services from this server:
@@ -19,6 +22,7 @@ Some of the self-hosted services from this server:
 * A link:https://github.com/dani-garcia/vaultwarden[Vaultwarden] instance for a little password management.
 * A link:https://gitea.io/[Gitea] instance for my personal projects.
 * A link:https://www.keycloak.org/[Keycloak] instance for identity management.
+* A VPN tunnel with link:https://www.wireguard.com/[Wireguard].
 * An LDAP server with link:https://www.openldap.org/[OpenLDAP].
 
 
@@ -123,7 +127,7 @@ hcloud firewall add-rule plover-firewall --direction in --protocol tcp --port 63
 ----
 
 Next up, the networking setup which is composed of a public IP used for accessing some services and a private network used to communicate inside of the network.
-However, the main reason we have a private network is to setup a VPN service.
+However, the main reason we have a private network is to setup a VPN service to hide some of the more sensitive services.
 
 You can create one from Hetzner Cloud web UI.
 If you want to create with `hcloud`, however...
@@ -131,6 +135,7 @@ If you want to create with `hcloud`, however...
 [source, shell]
 ----
 hcloud network create --name plover-local --ip-range 172.16.0.0/12
+hcloud network create --name wide-wide-wan --ip-range 10.0.0.0/8
 ----
 
 To deploy this to Hetzner Cloud, just initialize a server and run link:https://github.com/elitak/nixos-infect/[nixos-infect] script.
@@ -149,7 +154,7 @@ You could also easily create a server with `hcloud` with the following command:
 [source, shell]
 ----
 hcloud server create --location hel1 --type cx21 --image ubuntu-22.04 \
-    --firewall plover-firewall --network plover-local \
+    --firewall plover-firewall --network plover-local --network wide-wide-wan \
     --user-data-from-file ./files/hcloud/hcloud-user-data.yml \
     --ssh-key foodogsquared@foodogsquared.one \
     --name nixos-plover