nichts/nyx/hosts/enyo/wireguard.nix

{config, ...}: {
  networking.firewall = {
    allowedUDPPorts = [51820];
  };

  boot.kernelModules = ["wireguard"];

  # Wireguard Client Peer Setup
  networking.wireguard = {
    enable = true;
    interfaces = {
      wg0 = {
        # General Settings
        privateKeyFile = config.age.secrets.wg-client.path;
        allowedIPsAsRoutes = true;
        listenPort = 51820;
        ips = ["10.255.255.11/32" "2a01:4f9:c010:2cf9:f::11/128"];
        peers = [
          {
            allowedIPs = ["10.255.255.0/24" "2a01:4f9:c010:2cf9:f::/80"];
            endpoint = "128.140.91.216:51820";
            publicKey = "v3ol3QsgLPudVEtbETByQ0ABAOrJE2WcFfQ/PQAD8FM=";
            persistentKeepalive = 30;
          }
        ];
      };
    };
  };
}
added stuff 2024-04-09 23:11:33 +02:00			`{config, ...}: {`
			`networking.firewall = {`
			`allowedUDPPorts = [51820];`
			`};`

			`boot.kernelModules = ["wireguard"];`

			`# Wireguard Client Peer Setup`
			`networking.wireguard = {`
			`enable = true;`
			`interfaces = {`
			`wg0 = {`
			`# General Settings`
			`privateKeyFile = config.age.secrets.wg-client.path;`
			`allowedIPsAsRoutes = true;`
			`listenPort = 51820;`
			`ips = ["10.255.255.11/32" "2a01:4f9:c010:2cf9:f::11/128"];`
			`peers = [`
			`{`
			`allowedIPs = ["10.255.255.0/24" "2a01:4f9:c010:2cf9:f::/80"];`
			`endpoint = "128.140.91.216:51820";`
			`publicKey = "v3ol3QsgLPudVEtbETByQ0ABAOrJE2WcFfQ/PQAD8FM=";`
			`persistentKeepalive = 30;`
			`}`
			`];`
			`};`
			`};`
			`};`
			`}`