Add wireguard for squirrelflight

2024-04-06 16:25:23 -05:00 · 2024-04-06 16:25:23 -05:00 · f4da191819
parent d75c78551f
commit f4da191819
2 changed files with 25 additions and 0 deletions
--- a/squirrelflight/default.nix
+++ b/squirrelflight/default.nix
@ -8,6 +8,7 @@
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
+      ./wireguard.nix
    ];

  hardware.keyboard.qmk.enable = true;
--- a/squirrelflight/wireguard.nix
+++ b/squirrelflight/wireguard.nix
@ -0,0 +1,24 @@
+{ config, pkgs, ... }:
+
+{
+  networking.firewall = {
+    allowedUDPPorts = [ 51820 ];
+  };
+
+  networking.wg-quick.interfaces = {
+    wg0 = {
+      address = [ "192.168.5.14/24" ];
+      dns = [ "192.168.5.1" ];
+      privateKeyFile = "/etc/wireguard/privatekey";
+      peers = [
+        {
+          publicKey = "lQYGzNIxgUrDmU32rlnmnc72dK7TSH7hxts3tMtE+VQ=";
+          allowedIPs = [ "192.168.5.0/24" "192.168.6.0/24" "192.168.20.0/24" ];
+          # endpoint = "wg.asonix.dog:51820";
+          endpoint = "76.210.190.151:51820";
+          persistentKeepalive = 25;
+        }
+      ];
+    };
+  };
+}