config/vpn-client.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

{ config, lib, pkgs, ... }:
let
  port = (import ../data/aliases.nix).services.wireguard.port;
in
{
  networking.wireguard = {
    interfaces = {
      wg0 = {
        ips = [ "10.35.190.2/23" ];
        privateKeyFile = "/opt/secret/wireguard/wg0.key";
        listenPort = port;
        allowedIPsAsRoutes = false;
        peers = [
          {
            publicKey = "KT4sWKnlvPebJh0pYhGpiZksn4cCwKreB6fQCJV49F8=";
            endpoint = "dragon.orbekk.com:${toString port}";
            allowedIPs = ["0.0.0.0/0" "::/0"];
          }
        ];
      };
    };
  };
}