add wireguard config

author: Kjetil Orbekk <kj@orbekk.com> 2021-08-04 17:12:58 -0400
committer: Kjetil Orbekk <kj@orbekk.com> 2021-08-04 17:13:36 -0400
commit: d0a5776d5ffe07fa286b1ef0f2b27f422cf301b5 (patch)
tree: 93d5efb344a724d57aa9dfb7698cc20b77ef0e24 /modules/mullvad.nix
parent: bb9e37472da4885448ddb34ff009aadddbc9faf2 (diff)
1 files changed, 0 insertions, 39 deletions
diff --git a/modules/mullvad.nix b/modules/mullvad.nix
deleted file mode 100644
index 436a3b2..0000000
--- a/modules/mullvad.nix
+++ /dev/null
@@ -1,39 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-let
-  cfg = config.orbekk.mullvad;
-in
-{
-  options = {
-    orbekk.mullvad = {
-      enable = lib.mkEnableOption "Enable VPN";
-
-      listenPort = lib.mkOption {
-        type = lib.types.port;
-        default = 40421;
-        description = "wireguard local port";
-      };
-    };
-  };
-
-  config = lib.mkIf cfg.enable {
-    orbekk.simple-firewall.allowedUDPPorts = [ cfg.listenPort ];
-
-    networking.wireguard = {
-      enable = true;
-      interfaces.mullvad = {
-        privateKeyFile = "/opt/secret/wireguard/mullvad.private";
-        ips = [ "10.70.90.245/32" "fc00:bbbb:bbbb:bb01::7:5af4/128" ];
-        allowedIPsAsRoutes = false;
-        listenPort = cfg.listenPort;
-        peers = [
-          {
-            endpoint = "ca10-wireguard.mullvad.net:51820";
-            publicKey = "pAVh6WJtyF7ktvavez399L4A615TXOAaUHQgpwJ4EHU=";
-            allowedIPs = [ "0.0.0.0/0" "::0/0" ];
-          }
-        ];
-      };
-    };
-  };
-}
author	Kjetil Orbekk <kj@orbekk.com>	2021-08-04 17:12:58 -0400
committer	Kjetil Orbekk <kj@orbekk.com>	2021-08-04 17:13:36 -0400
commit	d0a5776d5ffe07fa286b1ef0f2b27f422cf301b5 (patch)
tree	93d5efb344a724d57aa9dfb7698cc20b77ef0e24 /modules/mullvad.nix
parent	bb9e37472da4885448ddb34ff009aadddbc9faf2 (diff)