hackens-org-configurations/machines/hackens-org/wireguard.nix

{
  config,
  lib,
  pkgs,
  ...
}: {
  systemd.network = {
    enable = true;
    networks = {
      "50-wg0" = {
        name = "wg0";
        address = [
          "10.10.10.1/24"
        ];
        routes =  [{
          routeConfig = {
            Destination = "10.10.10.0/24";
            Scope = "link";
          };
        }];
      };
    };
    netdevs = {
      "50-wg0" = {
        netdevConfig = {
          Name = "wg0";
          Kind = "wireguard";
        };
        wireguardConfig = {
          ListenPort = 1194;
          PrivateKeyFile = config.age.secrets."wg-key".path;
        };

        wireguardPeers = [
        ];
      };
    };
  };
  networking.firewall.allowedUDPPorts = [ 1194 ];
}
org: deploy ipv6 and vpn 2024-01-12 18:07:38 +01:00			`{`
			`config,`
			`lib,`
			`pkgs,`
			`...`
			`}: {`
			`systemd.network = {`
			`enable = true;`
			`networks = {`
			`"50-wg0" = {`
			`name = "wg0";`
			`address = [`
			`"10.10.10.1/24"`
			`];`
			`routes = [{`
			`routeConfig = {`
			`Destination = "10.10.10.0/24";`
			`Scope = "link";`
			`};`
			`}];`
			`};`
			`};`
			`netdevs = {`
			`"50-wg0" = {`
			`netdevConfig = {`
			`Name = "wg0";`
			`Kind = "wireguard";`
			`};`
			`wireguardConfig = {`
			`ListenPort = 1194;`
			`PrivateKeyFile = config.age.secrets."wg-key".path;`
			`};`

			`wireguardPeers = [`
			`];`
			`};`
			`};`
			`};`
			`networking.firewall.allowedUDPPorts = [ 1194 ];`
			`}`