-rw-r--r--host/automatix.nix1
-rw-r--r--host/software/server/wireguard.nix26
2 files changed, 27 insertions, 0 deletions
diff --git a/host/automatix.nix b/host/automatix.nix
index 9967430..d95f12e 100644
--- a/host/automatix.nix
+++ b/host/automatix.nix
@@ -7,6 +7,7 @@
./software/server/git.nix
./software/server/mail.nix
./software/server/website.nix
+ ./software/server/wireguard.nix
];
boot.loader.grub = {
diff --git a/host/software/server/wireguard.nix b/host/software/server/wireguard.nix
new file mode 100644
index 0000000..3b48315
--- /dev/null
+++ b/host/software/server/wireguard.nix
@@ -0,0 +1,26 @@
+{
+ networking.firewall = {
+ allowedUDPPorts = [ 54321 ];
+ };
+
+ networking.wireguard.interfaces = {
+ wg0 = {
+ ips = [ "10.100.0.1/24" ];
+
+ listenPort = 54321;
+
+ privateKeyFile = "/etc/wireguard/private";
+
+ peers = [
+ { # obelix
+ publicKey = "RrsNZKZ17Ol1WHxZesLnenGKnqxiQlE0T8xFP6/5mBE=";
+ allowedIPs = [ "10.100.0.2/32" ];
+ }
+ { # majestix
+ publicKey = "Tkoaewh9HB5rIuJVrFgClRF4x7prOtIlSJjiTYCpxis=";
+ allowedIPs = [ "10.100.0.3/32" ];
+ }
+ ];
+ };
+ };
+}
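Review bot: `privateKeyFile = "/etc/wireguard/private";` points at a file this commit neither creates nor documents, so nothing visible here establishes its ownership or mode. Keeping the key out of the Nix store is the right choice, but a comment above the line such as `# provisioned out of band; root-owned, mode 0600, never committed to the repo` would tell the next deployer what is expected. On a fresh host where no key exists yet, `generatePrivateKeyFile = true;` lets the module create it at that path. As a smaller style point, 54321 appears in both `allowedUDPPorts` and `listenPort`; binding it once in a `let` would keep the firewall rule and the listener from drifting apart.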