nixos-dotfiles/home/seanomik/wireguard.nix


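# Declares two WireGuard interfaces, `server` and `vpnbox`. Each has a single peer
# whose endpoint is the address read from ../../sensitives/homeip, on its own UDP port.
{ config, pkgs, ... }:
{
  networking.wireguard.interfaces =
    let
      # Endpoint address, read at evaluation time.
      # builtins.readFile returns the file verbatim, so a trailing newline (which most
      # editors and `echo` add) would land inside the endpoint string as "<addr>\n:2751".
      # Strip line breaks so the value is safe to concatenate with a port.
      # NOTE(review): the value is interpolated into the evaluated configuration, so it
      # should be expected to end up in the world-readable Nix store. That is acceptable
      # for an address, but this pattern must not be reused for key material.
      homeip = builtins.replaceStrings [ "\n" "\r" ] [ "" "" ]
        (builtins.readFile ../../sensitives/homeip);
    in {
      server = {
        # Tunnel address of this host on the `server` network.
        ips = [ "10.0.0.2/32" ];
        listenPort = 2751;
        # The private key is referenced by path from an age-managed secret instead of
        # being inlined via `privateKey`, so the key is not part of the evaluated config.
        privateKeyFile = config.age.secrets.serverwg-priv.path;
        peers = [
          {
            # Peer public key; not secret, safe to keep in the repository.
            publicKey = "Lk+EHt6+6HPUeXigdBTbv/j4yAcs2MyGumbgrOD5WTA=";
            # allowedIPs is both the route list and the inbound source filter for this
            # peer; /32 limits the tunnel to the peer's own tunnel address.
            allowedIPs = [ "10.0.0.1/32" ];
            endpoint = homeip + ":2751";
            # Send a keepalive every 25 seconds (typically used to keep NAT mappings open).
            persistentKeepalive = 25;
          }
        ];
      };
      vpnbox = {
        # Tunnel address of this host on the `vpnbox` network.
        ips = [ "10.0.1.4/32" ];
        listenPort = 2752;
        # Same pattern as above: key referenced by path, never inlined.
        privateKeyFile = config.age.secrets.vpnboxwg-priv.path;
        peers = [
          {
            publicKey = "JTHjRp35MUbNSMOQnuE99mg0D0tyiprhH1KgIIQQLmg=";
            # Besides the peer's tunnel address, the whole 192.168.87.0/24 subnet is
            # routed through (and accepted from) this peer. Keep the list as narrow as
            # the use case allows, since anything listed here is trusted as a source.
            allowedIPs = [ "10.0.1.1/32" "192.168.87.0/24" ];
            endpoint = homeip + ":2752";
            persistentKeepalive = 25;
          }
        ];
      };
    };
}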