43 lines
907 B
Nix
43 lines
907 B
Nix
{
|
|
config,
|
|
pkgs,
|
|
extraInfo,
|
|
...
|
|
}:
|
|
{
|
|
environment.systemPackages = with pkgs; [ wireguard-tools ];
|
|
|
|
networking.firewall.allowedUDPPorts = [ 51820 ];
|
|
networking.wg-quick.interfaces.wg0 = {
|
|
address = [ "10.100.0.1/8" ];
|
|
|
|
listenPort = 51820;
|
|
privateKeyFile = config.sops.secrets.wg0_private.path;
|
|
|
|
peers = [
|
|
{
|
|
# PC Portable
|
|
publicKey = "maCF41/gOh5p0BBgOh0x9S/ourGSM7qrFfEgmB+XGHY=";
|
|
allowedIPs = [ "10.100.0.3" ];
|
|
}
|
|
|
|
{
|
|
# london
|
|
publicKey = extraInfo.wireguard.londonPublicKey;
|
|
allowedIPs = [ "10.100.0.4" ];
|
|
}
|
|
|
|
{
|
|
# Mate 20 Pro
|
|
publicKey = "JoW+Iwysip46WWKJINneXWWG2YszzKEKlI3dW4SIjg0=";
|
|
allowedIPs = [ "10.100.0.5" ];
|
|
}
|
|
# Camelot
|
|
{
|
|
publicKey = "lDGxdsruARpkOlZHCkdkNg4v+eEU9m+jt0VO0v747gk=";
|
|
allowedIPs = [ "10.100.0.6" ];
|
|
}
|
|
];
|
|
};
|
|
}
|