45 lines
904 B
Nix
45 lines
904 B
Nix
{
|
|
config,
|
|
...
|
|
}:
|
|
{
|
|
networking = {
|
|
|
|
hostName = config.hostcfg.hostname;
|
|
useDHCP = true;
|
|
supplicant = {
|
|
"${config.hostcfg.wlp_if}" = {
|
|
configFile.path = config.sops.secrets.wifi.path;
|
|
extraConf = ''
|
|
network={
|
|
ssid="test"
|
|
psk="12345678"
|
|
}
|
|
'';
|
|
};
|
|
};
|
|
|
|
firewall = {
|
|
enable = true;
|
|
};
|
|
|
|
wireguard = {
|
|
enable = true;
|
|
interfaces = {
|
|
wg0 = {
|
|
ips = [ config.hostcfg.wg_ip4 config.hostcfg.wg_ip6 ];
|
|
privateKeyFile = config.hostcfg.wg_pk;
|
|
listenPort = 1515;
|
|
peers = [{
|
|
allowedIPs = [ "10.10.1.0/24" "fd10:10:10::0/64" ];
|
|
endpoint = "vpn.helcel.net:1515";
|
|
publicKey = "NFBJvYXZC+bd62jhrKnM7/pugidWhgR6+C5qIiUiq3Q=";
|
|
persistentKeepalive = 25;
|
|
}];
|
|
};
|
|
};
|
|
};
|
|
|
|
};
|
|
|
|
} |