nixos-config/2configs/wireguard/thierry.nix

{ config, lib, ... }:
{
  sops.secrets."wg-thierry.key" = {};
  networking.wireguard.interfaces.thierry-wg = {
    ips = [ "172.27.66.10/24" ]; # TODO: not dnyamic
    privateKeyFile = config.sops.secrets."wg-thierry.key".path;
    allowedIPsAsRoutes = true;
    # explicit route via eth0 to gum
    peers = [
    {
      endpoint = "thierryhome.duckdns.org:51820";
      allowedIPs = [ "172.27.66.0/24" ];
      publicKey = "filYuG/xbb2YW8WT0xT26rzeZ/ZiM6NLnbxbsCR9rS0=";
      persistentKeepalive = 25;
    }
    #{
    #  allowedIPs = [ "172.27.66.3/32" ];
    #  publicKey = "cDIf14LH4qleXNo889lS2ATIqDx9r//JNCkhHlHgc1Q=";
    #}
  ];
  };
}
config: move secrets to sops 2023-06-30 10:00:32 +02:00			`{ config, lib, ... }:`
ma wireguard: add thierry wg setup 2022-09-23 23:45:15 +02:00			`{`
config: move secrets to sops 2023-06-30 10:00:32 +02:00			`sops.secrets."wg-thierry.key" = {};`
ma wireguard: add thierry wg setup 2022-09-23 23:45:15 +02:00			`networking.wireguard.interfaces.thierry-wg = {`
			`ips = [ "172.27.66.10/24" ]; # TODO: not dnyamic`
config: move secrets to sops 2023-06-30 10:00:32 +02:00			`privateKeyFile = config.sops.secrets."wg-thierry.key".path;`
ma wireguard: add thierry wg setup 2022-09-23 23:45:15 +02:00			`allowedIPsAsRoutes = true;`
			`# explicit route via eth0 to gum`
			`peers = [`
			`{`
			`endpoint = "thierryhome.duckdns.org:51820";`
			`allowedIPs = [ "172.27.66.0/24" ];`
			`publicKey = "filYuG/xbb2YW8WT0xT26rzeZ/ZiM6NLnbxbsCR9rS0=";`
			`persistentKeepalive = 25;`
			`}`
			`#{`
			`# allowedIPs = [ "172.27.66.3/32" ];`
			`# publicKey = "cDIf14LH4qleXNo889lS2ATIqDx9r//JNCkhHlHgc1Q=";`
			`#}`
			`];`
			`};`
			`}`