c2vi/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

...

Browse Source
This commit is contained in:
Sebastian Moser
2023-11-21 20:11:26 +01:00
parent 7ed54e66ec
commit c712d76fac
17 changed files with 605 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

82
common/wg-peers.nix Normal file
View File

@@ -0,0 +1,82 @@
{ secretsDir, ... }: let
main-pub = builtins.readFile "${secretsDir}/wg-pub-main";
rpi-pub = builtins.readFile "${secretsDir}/wg-pub-rpi";
lush-pub = builtins.readFile "${secretsDir}/wg-pub-lush";
hpm-pub = builtins.readFile "${secretsDir}/wg-pub-hpm";
acern-pub = builtins.readFile "${secretsDir}/wg-pub-acern";
phone-pub = builtins.readFile "${secretsDir}/wg-pub-phone";
in
{
"wireguard-peer.${main-pub}" = {
endpoint = "192.168.1.40:51820";
persistent-keepalive = "25";
allowed-ips = "0.0.0.0";
};
"wireguard-peer.${rpi-pub}" = {
endpoint = "192.168.1.2:49390";
persistent-keepalive = "25";
allowed-ips = "0.0.0.0";
};
"wireguard-peer.${lush-pub}" = {
endpoint = "192.168.5.5:51820";
persistent-keepalive = "25";
allowed-ips = "0.0.0.0";
};
}
################### old config #########################
/*
{ secretsDir, ... }: [
#### local ####
{
name = "rpi";
publicKey = builtins.readFile "${secretsDir}/wg-pub-rpi";
allowedIPs = [ "10.1.1.0/24" ];
endpoint = "192.168.1.2:49390, c2vi.dev:49389";
persistentKeepalive = 25;
}
{
name = "main-local";
publicKey = builtins.readFile "${secretsDir}/wg-pub-main";
allowedIPs = [ "10.1.1.0/24" ];
endpoint = "192.168.1.40:51820";
persistentKeepalive = 25;
}
{
name = "lush-local";
publicKey = builtins.readFile "${secretsDir}/wg-pub-lush";
allowedIPs = [ "10.1.1.0/24" ];
endpoint = "192.168.5.5:51820";
persistentKeepalive = 25;
}
/*
{
name = "main";
publicKey = "${secretsDir}"/wg-public-main;
allowedIPs = [ "10.1.1.2/24" ];
}
{
name = "phone";
publicKey = "${secretsDir}"/wg-public-phone;
allowedIPs = [ "10.1.1.3/24" ];
}
{
name = "hpm";
publicKey = "${secretsDir}"/wg-public-hpm;
allowedIPs = [ "10.1.1.6/24" ];
}
{
name = "main";
publicKey = "${secretsDir}"/wg-public-main;
allowedIPs = [ "10.1.1.2/24" ];
}
*/