nixos-configuration/graystripe/wireguard.nix

{ config, pkgs, ... }:

{
  networking.firewall = {
    allowedUDPPorts = [ 51820 ];
  };

  networking.wg-quick.interfaces = {
    wg0 = {
      autostart = false;
      address = [
        "192.168.5.11/24"
        "2001:db8:5::11/64"
      ];
      dns = [
        "192.168.5.1"
        "2001:db8:5::1"
      ];
      privateKeyFile = "/etc/wireguard/privatekey";
      peers = [
        {
          publicKey = "v+asDVK/1TMuQCvCWBwUYZpVgj+PGgdhvcvJXOVN0Xo=";
          allowedIPs = [
            "192.168.5.0/24"
            "192.168.20.0/24"
            "2001:db8:5::/64"
            "2001:db8:20::/64"
          ];
          endpoint = "wg.asonix.dog:51820";
          persistentKeepalive = 25;
        }
      ];
    };
  };
}
Graystripe 2023-02-11 01:24:46 +00:00			`{ config, pkgs, ... }:`

			`{`
			`networking.firewall = {`
			`allowedUDPPorts = [ 51820 ];`
			`};`

			`networking.wg-quick.interfaces = {`
			`wg0 = {`
wireguard: don't enable by default 2024-07-10 00:57:06 +00:00			`autostart = false;`
Update wireguard configs 2024-07-06 18:50:17 +00:00			`address = [`
			`"192.168.5.11/24"`
			`"2001:db8:5::11/64"`
			`];`
			`dns = [`
			`"192.168.5.1"`
			`"2001:db8:5::1"`
			`];`
Graystripe 2023-02-11 01:24:46 +00:00			`privateKeyFile = "/etc/wireguard/privatekey";`
			`peers = [`
			`{`
Update wireguard configs 2024-07-06 18:50:17 +00:00			`publicKey = "v+asDVK/1TMuQCvCWBwUYZpVgj+PGgdhvcvJXOVN0Xo=";`
			`allowedIPs = [`
			`"192.168.5.0/24"`
			`"192.168.20.0/24"`
			`"2001:db8:5::/64"`
			`"2001:db8:20::/64"`
			`];`
			`endpoint = "wg.asonix.dog:51820";`
Graystripe 2023-02-11 01:24:46 +00:00			`persistentKeepalive = 25;`
			`}`
			`];`
			`};`
			`};`
			`}`