modules/wireguard.nix (view raw)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
{ config, pkgs, ...}:
{
age.secrets.wg0-key = {
file = ../secrets/wg0-key.age;
};
networking.wg-quick.interfaces = {
wg0 = {
address = ["10.0.0.18/32"];
privateKeyFile = config.age.secrets.wg0-key.path;
peers = [
{
endpoint = "202.61.203.128:51820";
publicKey = "dGeLAqZD81XYcZQBJ5SELiUGh7hD//G+o1rahSpxY0s=";
allowedIPs = [ "10.0.0.1/32" "10.0.0.6/32" "10.0.0.19/32" "10.0.0.4/32"];
persistentKeepalive = 25;
}
];
};
};
}
|