Jules/nixos-config
1
0
Fork 0
forked from Bun/nixos-config
Code Pull requests Activity

Some experiments

Browse source
This commit is contained in:
Jimbo 2024-09-12 01:31:59 -04:00
parent a74c6d6293
commit 69b05190af
3 changed files with 14 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

8
nixos/server/wireguard.nix
View file

@ -6,7 +6,7 @@ in {
nat = {
enable = true;
externalInterface = "${ips.netInt}";
internalInterfaces = [ "wg0" ];
internalInterfaces = [ "${ips.wgInt}" ];
};
firewall.allowedUDPPorts = [ 51820 ];
};
@ -17,17 +17,17 @@ in {
# Wireguard interface name can be arbitrary
wg0 = {
# Determines the IP address and subnet of the server's end of the tunnel interface.
ips = [ "10.100.0.1/24" ];
ips = [ "${ips.wgSpan}.1/24" ];
listenPort = 51820;
privateKey = outputs.secrets.wireguardPriv;
peers = [
{ # Jimbo Pixel 9
publicKey = outputs.secrets.wirePixel9Pub;
allowedIPs = [ "10.100.0.2/32" ];
allowedIPs = [ "${ips.wgSpan}.2/32" ];
}
{ # Oracle VM
publicKey = outputs.secrets.wireOraclePub;
allowedIPs = [ "10.100.0.3/32" ];
allowedIPs = [ "${ips.wgSpan}.3/32" ];
}
];
};