petalius: add wireguard

2018-09-01 15:40:10 +02:00 · 2018-09-01 15:40:10 +02:00 · ea718b3967
parent e779620861
commit ea718b3967
2 changed files with 13 additions and 0 deletions
--- a/basic-tools.nix
+++ b/basic-tools.nix
@ -35,6 +35,7 @@
    ctags
    nix-prefetch-scripts
    (pkgs.nix-repl or pkgs.nix)
+    (pkgs.wireguard or pkgs.hello)
    jq
  ];

--- a/petalius.nix
+++ b/petalius.nix
@ -89,4 +89,16 @@

  system.stateVersion = "18.03";

+  networking.wireguard.interfaces.wg0 = {
+    ips = ["10.59.0.2/16"];
+    privateKeyFile = "/etc/wgkeys/petalius";
+    allowedIPsAsRoutes = true;
+    peers = [{
+      publicKey = "ByLlJbevlTBooAo2RIZGGJvBHKqA9qiOpHBvR5yuJX4=";
+      allowedIPs = ["10.56.0.0/14" "10.60.1.1"];
+      endpoint = "mtlaa-gw.gebner.org:35869";
+    }];
+  };
+  systemd.services.wireguard-wg0.wantedBy = pkgs.lib.mkOverride 10 [];
+
 }