h: add wireguard bits

Aaron Bieber 2022-10-21 09:49:05 -06:00
parent ac44c31958
commit e446ac3d1c
No known key found for this signature in database
2 changed files with 20 additions and 1 deletions


@ -89,6 +89,7 @@ in {
defaultGateway = "23.29.118.1"; defaultGateway = "23.29.118.1";
defaultGateway6 = "2602:ff16:3::1"; defaultGateway6 = "2602:ff16:3::1";
nameservers = [ "9.9.9.9" ]; nameservers = [ "9.9.9.9" ];
interfaces.eth0 = { interfaces.eth0 = {
ipv4.addresses = [{ ipv4.addresses = [{
address = "23.29.118.127"; address = "23.29.118.127";
@ -101,6 +102,24 @@ in {
}]; }];
}; };
}; };
wireguard = {
enable = false;
interfaces = {
wg0 = {
listenPort = 7122;
ips = [ "192.168.112.3/32" ];
peers = [{
publicKey = "gZ16FwqUgzKgEpJgVC9BngJ+Dd0e5LPsDhDuJby0VzY=";
allowedIPs = [ "192.168.112.4/32" ];
persistentKeepalive = 25;
}];
#privateKeyFile = "${config.sops.secrets.wireguard_private_key.path}";
privateKeyFile = "/root/wgpk";
};
};
};
firewall = { firewall = {
interfaces = { "tailscale0" = { allowedTCPPorts = [ 9002 ]; }; }; interfaces = { "tailscale0" = { allowedTCPPorts = [ 9002 ]; }; };
allowedTCPPorts = [ 22 80 443 53589 ]; allowedTCPPorts = [ 22 80 443 53589 ];
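Review bot: `privateKeyFile = "/root/wgpk";` in the new `wg0` block points at a hand-placed key file while the sops-managed path above it is left commented out, so the configuration enforces neither the key's presence nor its ownership and mode. Once the secret is declared, prefer `privateKeyFile = config.sops.secrets.wireguard_private_key.path;` and drop the literal path. The peer entry has no `endpoint`, so this host presumably has to accept the handshake on `listenPort = 7122`. The visible firewall lines list only TCP ports and the firewall block continues outside the hunk, so confirm UDP 7122 is in `allowedUDPPorts` (ideally scoped to the expected peer) before `enable` is switched to `true`. A short comment next to `enable = false;` saying why the tunnel is staged but disabled would also help the next reader.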


@ -9,7 +9,7 @@
boot.initrd.availableKernelModules = boot.initrd.availableKernelModules =
[ "ahci" "xhci_pci" "virtio_pci" "sd_mod" ]; [ "ahci" "xhci_pci" "virtio_pci" "sd_mod" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ]; boot.kernelModules = [ "wireguard" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {