asmir/nixos_flake_config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

mediabox: add wireguard

Browse Source
This commit is contained in:
Asmir A
2024-04-09 15:08:34 +02:00
parent 85203ce57d
commit 3a6d18e507
1 changed files with 21 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
mediabox/configuration.nix
View File

@@ -24,6 +24,10 @@
group = config.users.users.nobody.group;
};
sops.secrets."wg_privkey" = {
sopsFile = ./secrets/wg_privkey.yaml;
};
nix = {
optimise.automatic = true;
gc.automatic = true;
@@ -70,7 +74,7 @@
networking = {
firewall = {
enable = true;
allowedTCPPorts = [80 443];
allowedTCPPorts = [80 443 51820];
};
hostName = "mediabox";
@@ -90,6 +94,22 @@
192.168.88.1 router.lan
192.168.88.231 workstation.lan
'';
wireguard.interfaces = {
wg0 = {
ips = ["10.100.0.5/24"];
listenPort = 51820;
privateKeyFile = config.sops.secrets."wg_privkey".path;
peers = [
{
publicKey = builtins.readFile ../magpie/wg_pubkey;
allowedIPs = ["10.100.0.1"];
endpoint = "5.75.229.224:51820";
persistentKeepalive = 25;
}
];
};
};
};
time.timeZone = "Europe/Sarajevo";