summaryrefslogtreecommitdiff
path: root/os/cez/modules/wireguard.nix
diff options
context:
space:
mode:
Diffstat (limited to 'os/cez/modules/wireguard.nix')
-rw-r--r--os/cez/modules/wireguard.nix58
1 files changed, 38 insertions, 20 deletions
diff --git a/os/cez/modules/wireguard.nix b/os/cez/modules/wireguard.nix
index 47b857a..3cffe66 100644
--- a/os/cez/modules/wireguard.nix
+++ b/os/cez/modules/wireguard.nix
@@ -25,27 +25,45 @@ let
in
{
sops.secrets."misc/wireguard" = { };
+ environment.systemPackages = [ helper ];
- networking.wg-quick.interfaces.${wgIface} = {
- autostart = false;
- address = [ "10.0.1.2/24" ];
- dns = [ "10.0.1.1" ];
- mtu = 1412;
- privateKeyFile = config.sops.secrets."misc/wireguard".path;
+ networking.wg-quick.interfaces = {
+ ${wgIface} = {
+ autostart = false;
+ address = [ "10.0.1.2/24" ];
+ dns = [ "10.0.1.1" ];
+ mtu = 1412;
+ privateKeyFile = config.sops.secrets."misc/wireguard".path;
- peers = [
- {
- publicKey = "wJMyQDXmZO4MjYRk6NK4+J6ZKWLTTZygAH+OwbPjOiw=";
- allowedIPs = [
- "10.0.1.0/24"
- "104.16.0.0/12"
- "172.64.0.0/13"
- ];
- endpoint = "${domain}:51820";
- persistentKeepalive = 25;
- }
- ];
- };
+ peers = [
+ {
+ publicKey = "wJMyQDXmZO4MjYRk6NK4+J6ZKWLTTZygAH+OwbPjOiw=";
+ allowedIPs = [
+ "10.0.1.0/24"
+ "104.16.0.0/12"
+ "172.64.0.0/13"
+ ];
+ endpoint = "${domain}:51820";
+ persistentKeepalive = 25;
+ }
+ ];
+ };
- environment.systemPackages = [ helper ];
+ bud = {
+ autostart = true;
+ address = [ "10.54.132.2/24" ];
+ dns = [ "10.54.132.1" ];
+ mtu = 1420;
+ privateKeyFile = config.sops.secrets."misc/wireguard".path;
+
+ peers = [
+ {
+ publicKey = "O2GRMEWf22YRGKexHAdg1fitucTZ/U/om2MWEJMeyFQ=";
+ allowedIPs = [ "10.54.132.0/24" ];
+ endpoint = "dev.bud.studio:51820";
+ persistentKeepalive = 25;
+ }
+ ];
+ };
+ };
}