29 lines
707 B
Nix
29 lines
707 B
Nix
{
|
|
config,
|
|
pkgs,
|
|
...
|
|
}: let
|
|
secrets = config.services.secrets.secrets;
|
|
in {
|
|
environment.systemPackages = with pkgs; [wireguard-tools];
|
|
networking.wg-quick.interfaces = {
|
|
wg-harry-vpn = {
|
|
autostart = false;
|
|
address = ["185.186.9.71/26" "2a0b:6b84:2022:6::1/64"];
|
|
dns = ["8.8.8.8"];
|
|
mtu = 1280;
|
|
privateKeyFile = "${secrets.wg_harry_priv.path}";
|
|
|
|
peers = [
|
|
{
|
|
publicKey = "7B6KSFqTHM7A7Nv24GIeUhDDh2XnlT7UqG5U+Si+zmc=";
|
|
presharedKeyFile = "${secrets.wg_harry_preshared.path}";
|
|
allowedIPs = ["0.0.0.0/0" "::/0"];
|
|
endpoint = "185.186.9.1:8081";
|
|
persistentKeepalive = 25;
|
|
}
|
|
];
|
|
};
|
|
};
|
|
}
|