Cloonar/nixos
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

changes

Browse source
This commit is contained in:
Dominik Polakovics Polakovics 2024-10-16 20:24:40 +02:00
parent b7bfb0f62a
commit c681eb3139
110 changed files with 2924 additions and 720 deletions
Download patch file Download diff file Expand all files Collapse all files

53
hosts/fw-new.cloonar.com/modules/wireguard.nix
View file

@ -1,53 +0,0 @@
{ config, ... }: {
sops.secrets.wg_cloonar_key = {};
sops.secrets.wg_epicenter_works_key = {};
sops.secrets.wg_epicenter_works_psk = {};
sops.secrets.wg_ghetto_at_key = {};
# https://wiki.archlinux.org/title/WireGuard#Loop_routing
networking.wireguard.interfaces = {
wg_cloonar = {
ips = [ "10.42.98.1/24" ];
listenPort = 51820;
# publicKey: TKQVDmBnf9av46kQxLQSBDhAeaK8r1zh8zpU64zuc1Q=
privateKeyFile = config.sops.secrets.wg_cloonar_key.path;
peers = [
{ # Notebook
publicKey = "YdlRGsjh4hS3OMJI+t6SZ2eGXKbs0wZBXWudHW4NyS8=";
allowedIPs = [ "10.42.98.201/32" ];
}
{ # iPhone
publicKey = "nkm10abmwt2G8gJXnpqel6QW5T8aSaxiqqGjE8va/A0=";
allowedIPs = [ "10.42.98.202/32" ];
}
];
};
wg_epicenter = {
ips = [ "10.50.60.6/32" ];
privateKeyFile = config.sops.secrets.wg_epicenter_works_key.path;
peers = [
{
endpoint = "5.9.131.17:51821";
publicKey = "T7jPGSapSudtKyWwi2nu+2hjjse96I4U3lccRHZWd2s=";
presharedKeyFile = config.sops.secrets.wg_epicenter_works_psk.path;
allowedIPs = [ "10.14.1.0/24" "10.14.2.0/24" "10.14.11.0/24" "10.14.40.0/24" "10.25.0.0/24" "10.50.60.0/24" ];
}
];
};
wg_ghetto_at = {
ips = [ "10.43.98.2/32" ];
# publicKey: o0FsoHL7ymwuDYmWA5N1mngbGT1sZJnhK6zhJkuEtzE=
privateKeyFile = config.sops.secrets.wg_ghetto_at_key.path;
peers = [
{
endpoint = "vpn.ghetto.at:51820";
publicKey = "v4pr6tzS0Xpwh/mWTohxxvCRaAj2B4bqtJnNOu9v2Xs=";
allowedIPs = [ "10.43.0.0/16" ];
}
];
};
};
networking.firewall.allowedUDPPorts = [ 51820 ];
}