diff options
| author | Kjetil Orbekk <kjetil.orbekk@gmail.com> | 2018-02-04 09:46:11 -0500 |
|---|---|---|
| committer | Kjetil Orbekk <kjetil.orbekk@gmail.com> | 2018-02-04 15:17:58 -0500 |
| commit | e73dd814b8c53ce1fe13ca05186fbfad2ef40426 (patch) | |
| tree | c3ef9cf844838ea3fed122597d3f32a283e3395b /config | |
| parent | 33b0c3e86050b7571083304e51ca491897755e65 (diff) | |
vpn client
Diffstat (limited to 'config')
| -rw-r--r-- | config/vpn-client.nix | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/config/vpn-client.nix b/config/vpn-client.nix new file mode 100644 index 0000000..5c10239 --- /dev/null +++ b/config/vpn-client.nix @@ -0,0 +1,24 @@ +{ config, lib, pkgs, ... }: +let + port = (import ../data/aliases.nix).services.wireguard.port; +in +{ + networking.wireguard = { + interfaces = { + wg0 = { + ips = [ "10.35.190.2/23" ]; + privateKeyFile = "/opt/secret/wireguard/wg0.key"; + listenPort = port; + allowedIPsAsRoutes = false; + peers = [ + { + publicKey = "KT4sWKnlvPebJh0pYhGpiZksn4cCwKreB6fQCJV49F8="; + endpoint = "dragon.orbekk.com:${toString port}"; + allowedIPs = ["0.0.0.0/0" "::/0"]; + } + ]; + }; + }; + }; +} + |