add wg peers

author: Kjetil Orbekk <kj@orbekk.com> 2023-10-07 08:56:36 -0400
committer: Kjetil Orbekk <kj@orbekk.com> 2023-10-07 08:56:36 -0400
commit: 82d409c7840ec1378e8e00d61a1d534bece1399c (patch)
tree: 8a9131239497f411d7c308ba4001a52a48261878
parent: ab5653f14aa9533df4ce6e51d62596cfef7eedb6 (diff)
1 files changed, 11 insertions, 1 deletions
diff --git a/modules/router.nix b/modules/router.nix
index aaf36ee..3f997e2 100644
--- a/modules/router.nix
+++ b/modules/router.nix
@@ -324,9 +324,19 @@ in {
     networking.wireguard.interfaces.wg-vpn = {
       socketNamespace = "router";
       interfaceNamespace = "router";
-      ips = [ "${vpnPrefix}::d/128" ];
+      ips = [ "${vpnPrefix}::1/128" ];
       privateKeyFile = config.age.secrets.dragon-wireguard-key.path;
       listenPort = vpnPort;
+      ppers = let mkPeer = host: ip: {
+        ips = [ "${vpn-prefix}::${ip}/128" ];
+        publicKey = (builtins.readFile (../secrets + "/${host}-wireguard-key.pub"));
+        endpoint = null;
+        router = false;
+      } in {
+        firelink = mkPeer "firelink" "2001";
+        pincer = mkPeer "pincer" "2001";
+        trygve = mkPeer "trygve" "2004";
+      };
     };
 
     services.ddclient = {
author	Kjetil Orbekk <kj@orbekk.com>	2023-10-07 08:56:36 -0400
committer	Kjetil Orbekk <kj@orbekk.com>	2023-10-07 08:56:36 -0400
commit	82d409c7840ec1378e8e00d61a1d534bece1399c (patch)
tree	8a9131239497f411d7c308ba4001a52a48261878
parent	ab5653f14aa9533df4ce6e51d62596cfef7eedb6 (diff)