brianmcgee
3e5a6799fe
Dirk's standard rules service only approves a generic `OnSign` request for a voluntary exit when the request's source IP is listed in `server.rules.admin-ips`. We add the `wg0` address for each machine with the admin role. Dirk reads the peer address off the socket via Go's `net.IP.String()` and matches `admin-ips` with exact string equality so we use `wg.canonAddrOf` to produce the same RFC 5952 form using Nix.