diff --git a/nixos/hosts/wheatley/configuration.nix b/nixos/hosts/wheatley/configuration.nix
index 6e646cd..8a02e79 100644
--- a/nixos/hosts/wheatley/configuration.nix
+++ b/nixos/hosts/wheatley/configuration.nix
@@ -146,34 +146,34 @@ # wg public key for host: A02sO7uLdgflhPIRd0cbJONIaPP4z8HTxDkmX4NegFg= networking.wg-quick.interfaces = { # "wg0" is the network interface name. You can name the interface arbitrarily. - wg0 = { - autostart = true; - # Determines the IP address and subnet of the server's end of the tunnel interface. - address = ["10.2.0.2/32"]; + # wg0 = { + # autostart = true; + # # Determines the IP address and subnet of the server's end of the tunnel interface. + # address = ["10.2.0.2/32"]; - # The port that WireGuard listens to. Must be accessible by the client. - listenPort = 51820; + # # The port that WireGuard listens to. Must be accessible by the client. + # listenPort = 51820; - dns = ["10.2.0.1"]; - # Path to the private key file. - # - # Note: The private key can also be included inline via the privateKey option, - # but this makes the private key world-readable; thus, using privateKeyFile is - # recommended. - privateKeyFile = config.sops.secrets."protonvpn-priv-key".path; + # dns = ["10.2.0.1"]; + # # Path to the private key file. + # # + # # Note: The private key can also be included inline via the privateKey option, + # # but this makes the private key world-readable; thus, using privateKeyFile is + # # recommended. + # privateKeyFile = config.sops.secrets."protonvpn-priv-key".path; - peers = [ - # List of allowed peers. - { - # Feel free to give a meaning full name - # Public key of the peer (not a file path). - publicKey = "/i7jCNpcqVBUkY07gVlILN4nFdvZHmxvreAOgLGoZGg="; - # List of IPs assigned to this peer within the tunnel subnet. Used to configure routing. - allowedIPs = ["0.0.0.0/0"]; - endpoint = "146.70.86.114:51820"; - } - ]; - }; + # peers = [ + # # List of allowed peers. + # { + # # Feel free to give a meaning full name + # # Public key of the peer (not a file path). + # publicKey = "/i7jCNpcqVBUkY07gVlILN4nFdvZHmxvreAOgLGoZGg="; + # # List of IPs assigned to this peer within the tunnel subnet. Used to configure routing. 
+ # allowedIPs = ["0.0.0.0/0"]; + # endpoint = "146.70.86.114:51820"; + # } + # ]; + # }; wg1 = { # Determines the IP address and subnet of the server's end of the tunnel interface. address = ["10.0.0.1/24" "fdc9:281f:04d7:9ee9::1/64"]; @@ -181,7 +181,6 @@ # The port that WireGuard listens to. Must be accessible by the client. listenPort = 51821; - # This allows the wireguard server to route your traffic to the internet and hence be like a VPN # This allows the wireguard server to route your traffic to the internet and hence be like a VPN postUp = '' ${pkgs.iptables}/bin/iptables -A FORWARD -i wg0 -j ACCEPT
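Review bot: Commenting out `wg0` leaves the `postUp` rule shown in the next hunk's context, `iptables -A FORWARD -i wg0 -j ACCEPT`, matching an interface this change no longer creates; that rule appears to belong to `wg1`, so if it is meant to forward traffic from wg1 clients it should presumably read `-i wg1`, and the matching `postDown` (outside the visible lines) needs the same check. With the full-tunnel peer (`allowedIPs = ["0.0.0.0/0"]`) disabled, traffic from this host and any forwarded wg1 clients presumably now leaves via the default route instead of the ProtonVPN tunnel, so confirm nothing relied on that egress path. The block is kept as commented-out code with no reason given; either delete it and rely on git history, or put one line above it such as `# wg0 (ProtonVPN client) disabled: REASON`. If `sops.secrets."protonvpn-priv-key"` is still declared elsewhere in the file, the private key is still decrypted onto the host with no consumer, and that declaration could be dropped along with the interface.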