-rw-r--r-- | host/automatix.nix | 1 | ||||
-rw-r--r-- | host/software/server/wireguard.nix | 26 |
2 files changed, 27 insertions, 0 deletions
diff --git a/host/automatix.nix b/host/automatix.nix
index 9967430..d95f12e 100644
--- a/host/automatix.nix
+++ b/host/automatix.nix
@@ -7,6 +7,7 @@
 ./software/server/git.nix
 ./software/server/mail.nix
 ./software/server/website.nix
+ ./software/server/wireguard.nix
 ];
 boot.loader.grub = {
diff --git a/host/software/server/wireguard.nix b/host/software/server/wireguard.nix
new file mode 100644
index 0000000..3b48315
--- /dev/null
+++ b/host/software/server/wireguard.nix
@@ -0,0 +1,26 @@
+{
+ networking.firewall = {
+ allowedUDPPorts = [ 54321 ];
+ };
+
+ networking.wireguard.interfaces = {
+ wg0 = {
+ ips = [ "10.100.0.1/24" ];
+
+ listenPort = 54321;
+
+ privateKeyFile = "/etc/wireguard/private";
+
+ peers = [
+ { # obelix
+ publicKey = "RrsNZKZ17Ol1WHxZesLnenGKnqxiQlE0T8xFP6/5mBE=";
+ allowedIPs = [ "10.100.0.2/32" ];
+ }
+ { # majestix
+ publicKey = "Tkoaewh9HB5rIuJVrFgClRF4x7prOtIlSJjiTYCpxis=";
+ allowedIPs = [ "10.100.0.3/32" ];
+ }
+ ];
+ };
+ };
+}
|
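Review bot: `privateKeyFile = "/etc/wireguard/private";` in the new wireguard.nix points at a file that nothing in this module creates or documents, so a fresh deploy of the host depends on someone provisioning the key by hand with the right owner and mode. Keeping the key outside the Nix store is the right choice, since store paths are world-readable, but that reasoning should be written down next to the option, e.g. `# provisioned out of band; root-owned, mode 0600, never committed or copied into the store`. If manual provisioning is not intended, `generatePrivateKeyFile = true;` on wg0 would have the key generated at that path when it is missing. As a smaller style point, the port 54321 is written twice (`allowedUDPPorts` and `listenPort`); a single `let port = 54321; in` binding at the top of the file would keep the firewall rule and the listener from drifting apart.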