Sebastian Moser
2023-11-21 20:11:26 +01:00
parent 7ed54e66ec
commit c712d76fac
17 changed files with 605 additions and 85 deletions


@@ -4,7 +4,6 @@
{
imports = [
inputs.home-manager.nixosModules.home-manager
../mods/my-nixpkgs-overlay.nix
];
@@ -36,7 +35,6 @@
users.mutableUsers = true;
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# This value determines the NixOS release from which the default

82
common/wg-peers.nix Normal file

@@ -0,0 +1,82 @@
{ secretsDir, ... }: let
main-pub = builtins.readFile "${secretsDir}/wg-pub-main";
rpi-pub = builtins.readFile "${secretsDir}/wg-pub-rpi";
lush-pub = builtins.readFile "${secretsDir}/wg-pub-lush";
hpm-pub = builtins.readFile "${secretsDir}/wg-pub-hpm";
acern-pub = builtins.readFile "${secretsDir}/wg-pub-acern";
phone-pub = builtins.readFile "${secretsDir}/wg-pub-phone";
in
{
"wireguard-peer.${main-pub}" = {
endpoint = "192.168.1.40:51820";
persistent-keepalive = "25";
allowed-ips = "0.0.0.0";
};
"wireguard-peer.${rpi-pub}" = {
endpoint = "192.168.1.2:49390";
persistent-keepalive = "25";
allowed-ips = "0.0.0.0";
};
"wireguard-peer.${lush-pub}" = {
endpoint = "192.168.5.5:51820";
persistent-keepalive = "25";
allowed-ips = "0.0.0.0";
};
}
################### old config #########################
/*
{ secretsDir, ... }: [
#### local ####
{
name = "rpi";
publicKey = builtins.readFile "${secretsDir}/wg-pub-rpi";
allowedIPs = [ "10.1.1.0/24" ];
endpoint = "192.168.1.2:49390, c2vi.dev:49389";
persistentKeepalive = 25;
}
{
name = "main-local";
publicKey = builtins.readFile "${secretsDir}/wg-pub-main";
allowedIPs = [ "10.1.1.0/24" ];
endpoint = "192.168.1.40:51820";
persistentKeepalive = 25;
}
{
name = "lush-local";
publicKey = builtins.readFile "${secretsDir}/wg-pub-lush";
allowedIPs = [ "10.1.1.0/24" ];
endpoint = "192.168.5.5:51820";
persistentKeepalive = 25;
}
/*
{
name = "main";
publicKey = "${secretsDir}"/wg-public-main;
allowedIPs = [ "10.1.1.2/24" ];
}
{
name = "phone";
publicKey = "${secretsDir}"/wg-public-phone;
allowedIPs = [ "10.1.1.3/24" ];
}
{
name = "hpm";
publicKey = "${secretsDir}"/wg-public-hpm;
allowedIPs = [ "10.1.1.6/24" ];
}
{
name = "main";
publicKey = "${secretsDir}"/wg-public-main;
allowedIPs = [ "10.1.1.2/24" ];
}
*/
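Review bot: All three peers in the new attrset get `allowed-ips = "0.0.0.0"`, which has no prefix length and is the same value on every peer. WireGuard tooling reads a bare IPv4 address as a /32, so as written these peers would presumably not accept or route the 10.1.1.x tunnel traffic that the commented-out config allowed; if `0.0.0.0/0` was intended, an allowed IP can belong to only one peer at a time (the last one configured keeps it), and a catch-all also drops the per-peer source-address filtering that the old `10.1.1.0/24` entries provided. Prefer the narrowest range per peer, e.g. `allowed-ips = "<peer-tunnel-ip>/32";` with that peer's own tunnel address. Separately, `builtins.readFile` returns the file content including any trailing newline, and that string is interpolated into the `wireguard-peer.${...}` attribute name, so the key files need to be newline-free or the value trimmed before use. The file section may continue beyond the lines visible here.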