From e73dd814b8c53ce1fe13ca05186fbfad2ef40426 Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk <kjetil.orbekk@gmail.com>
Date: Sun, 4 Feb 2018 09:46:11 -0500
Subject: vpn client

---
 config/vpn-client.nix | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 config/vpn-client.nix

(limited to 'config')

diff --git a/config/vpn-client.nix b/config/vpn-client.nix
new file mode 100644
index 0000000..5c10239
--- /dev/null
+++ b/config/vpn-client.nix
@@ -0,0 +1,24 @@
+{ config, lib, pkgs, ... }:
+let
+  port = (import ../data/aliases.nix).services.wireguard.port;
+in
+{
+  networking.wireguard = {
+    interfaces = {
+      wg0 = {
+        ips = [ "10.35.190.2/23" ];
+	privateKeyFile = "/opt/secret/wireguard/wg0.key";
+	listenPort = port;
+	allowedIPsAsRoutes = false;
+	peers = [
+	  {
+	    publicKey = "KT4sWKnlvPebJh0pYhGpiZksn4cCwKreB6fQCJV49F8=";
+	    endpoint = "dragon.orbekk.com:${toString port}";
+	    allowedIPs = ["0.0.0.0/0" "::/0"];
+	  }
+	];
+      };
+    };
+  };
+}
+
-- 
cgit v1.2.3