modules/wireguard.nix (view raw)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
{ config, pkgs, ...}:
{
age.secrets.wg2-key = {
file = ../secrets/wg2-key.age;
};
networking.wg-quick.interfaces = {
wg2 = {
address = ["10.2.0.3/32"];
privateKeyFile = config.age.secrets.wg2-key.path;
peers = [
{
endpoint = "202.61.203.128:51822";
publicKey = "AlEu31P8Gxq15RQicZsPmn6s2lXVvf/gHNhneKlmsH8=";
allowedIPs = [ "10.2.0.1/32" "10.2.0.2/32" "10.2.0.4/32" "10.2.0.5/32" ];
persistentKeepalive = 25;
}
];
};
};
}
|