author | Kjetil Orbekk <kj@orbekk.com> | 2023-10-07 08:56:36 -0400 |
---|---|---|
committer | Kjetil Orbekk <kj@orbekk.com> | 2023-10-07 08:56:36 -0400 |
commit | 82d409c7840ec1378e8e00d61a1d534bece1399c (patch) | |
tree | 8a9131239497f411d7c308ba4001a52a48261878 /modules | |
parent | ab5653f14aa9533df4ce6e51d62596cfef7eedb6 (diff) |
add wg peers
Diffstat (limited to 'modules')
-rw-r--r-- | modules/router.nix | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/modules/router.nix b/modules/router.nix
index aaf36ee..3f997e2 100644
--- a/modules/router.nix
+++ b/modules/router.nix
@@ -324,9 +324,19 @@ in {
 networking.wireguard.interfaces.wg-vpn = {
 socketNamespace = "router";
 interfaceNamespace = "router";
- ips = [ "${vpnPrefix}::d/128" ];
+ ips = [ "${vpnPrefix}::1/128" ];
 privateKeyFile = config.age.secrets.dragon-wireguard-key.path;
 listenPort = vpnPort;
+ ppers = let mkPeer = host: ip: {
+ ips = [ "${vpn-prefix}::${ip}/128" ];
+ publicKey = (builtins.readFile (../secrets + "/${host}-wireguard-key.pub"));
+ endpoint = null;
+ router = false;
+ } in {
+ firelink = mkPeer "firelink" "2001";
+ pincer = mkPeer "pincer" "2001";
+ trygve = mkPeer "trygve" "2004";
+ };
 };
 services.ddclient = { |
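Review bot: `firelink` and `pincer` are both given `"2001"`, so two public keys claim the same /128; WireGuard binds each allowed address to a single peer, so one of the two loses its address and its traffic would be associated with the other host's key — each host needs its own suffix. As written the block also looks like it cannot evaluate: the attribute is spelled `ppers`, the let-binding has no `;` before `in` (`} in {` should be `}; in {`), and the peer address uses `${vpn-prefix}` while the interface line above uses `${vpnPrefix}`. If this is the stock NixOS `networking.wireguard` module, `peers` is a list and the per-peer address option is `allowedIPs`, so `ips` and `router` inside `mkPeer` should be checked against the module actually in use. The enclosing attribute set starts before the hunk, so any definition of `vpn-prefix` elsewhere in the file is not visible here.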