diff options
Diffstat (limited to 'os/cez/modules/wireguard.nix')
| -rw-r--r-- | os/cez/modules/wireguard.nix | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/os/cez/modules/wireguard.nix b/os/cez/modules/wireguard.nix new file mode 100644 index 0000000..2bf2252 --- /dev/null +++ b/os/cez/modules/wireguard.nix @@ -0,0 +1,20 @@ +{ config, ... }: +{ + sops.secrets."misc/wireguard" = { }; + + networking.wg-quick.interfaces.bud = { + autostart = false; + address = [ "10.54.132.2/24" ]; + mtu = 1420; + privateKeyFile = config.sops.secrets."misc/wireguard".path; + + peers = [ + { + publicKey = "O2GRMEWf22YRGKexHAdg1fitucTZ/U/om2MWEJMeyFQ="; + allowedIPs = [ "10.54.132.0/24" ]; + endpoint = "primary.k8s.bud.studio:51820"; + persistentKeepalive = 25; + } + ]; + }; +} |