diff --git a/nixos/hosts/wheatley/configuration.nix b/nixos/hosts/wheatley/configuration.nix
index d696f0d..0cf50a0 100644
--- a/nixos/hosts/wheatley/configuration.nix
+++ b/nixos/hosts/wheatley/configuration.nix
@@ -149,37 +149,38 @@ networking.wireguard.enable = true;
- # wg public key for host: A02sO7uLdgflhPIRd0cbJONIaPP4z8HTxDkmX4NegFg=
 networking.wg-quick.interfaces = { # "wg0" is the network interface name. You can name the interface arbitrarily.
- # wg0 = {
- # autostart = true;
- # # Determines the IP address and subnet of the server's end of the tunnel interface.
- # address = ["10.2.0.2/32"];
+ wg0 = {
+ autostart = true;
+ # Determines the IP address and subnet of the server's end of the tunnel interface.
+ address = ["10.2.0.2/32"];
- # # The port that WireGuard listens to. Must be accessible by the client.
- # listenPort = 51820;
+ # The port that WireGuard listens to. Must be accessible by the client.
+ listenPort = 51820;
- # dns = ["10.2.0.1"];
- # # Path to the private key file.
- # #
- # # Note: The private key can also be included inline via the privateKey option,
- # # but this makes the private key world-readable; thus, using privateKeyFile is
- # # recommended.
- # privateKeyFile = config.sops.secrets."protonvpn-priv-key".path;
+ dns = ["10.2.0.1"];
+ # Path to the private key file.
+ #
+ # Note: The private key can also be included inline via the privateKey option,
+ # but this makes the private key world-readable; thus, using privateKeyFile is
+ # recommended.
+ privateKeyFile = config.sops.secrets."protonvpn-priv-key".path;
- # peers = [
- # # List of allowed peers.
- # {
- # # Feel free to give a meaning full name
- # # Public key of the peer (not a file path).
- # publicKey = "/i7jCNpcqVBUkY07gVlILN4nFdvZHmxvreAOgLGoZGg=";
- # # List of IPs assigned to this peer within the tunnel subnet. Used to configure routing.
- # allowedIPs = ["0.0.0.0/0"];
- # endpoint = "146.70.86.114:51820";
- # }
- # ];
- # };
+ peers = [
+ # List of allowed peers.
+ {
+ # Feel free to give a meaning full name
+ # Public key of the peer (not a file path).
+ publicKey = "/i7jCNpcqVBUkY07gVlILN4nFdvZHmxvreAOgLGoZGg=";
+ # List of IPs assigned to this peer within the tunnel subnet. Used to configure routing.
+ allowedIPs = ["0.0.0.0/0"];
+ endpoint = "146.70.86.114:51820";
+ }
+ ];
+ };
+
+ # wg public key for host: A02sO7uLdgflhPIRd0cbJONIaPP4z8HTxDkmX4NegFg=
 wg1 = { # Determines the IP address and subnet of the server's end of the tunnel interface.
 address = ["10.0.0.1/24" "fdc9:281f:04d7:9ee9::1/64"];
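Review bot: `allowedIPs = ["0.0.0.0/0"]` on the wg0 peer routes only IPv4 through the tunnel, so if this host has a routable IPv6 address, IPv6 traffic keeps leaving over the normal uplink and is not covered by the VPN. Consider `allowedIPs = ["0.0.0.0/0" "::/0"];`, or disabling IPv6 on the uplink, depending on what the provider supports. Separately, wg0 appears to be an outbound client tunnel, so `listenPort = 51820;` is not required; if wg1 (whose body continues outside this hunk) binds the same UDP port, one of the two interfaces will fail to come up. The comments copied from the server example ("server's end of the tunnel", "Must be accessible by the client") could be reworded to say this is the client side. It is also worth confirming that the default route installed through wg0 with `autostart = true` does not capture the replies wg1 sends to its own peers.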