modules/wireguard-initrd: add module for wireguard in initrd

hosts/zinc/configuration.nix

@@ -22,7 +22,7 @@
   boot.initrd.network.ssh = {
     enable = true;
     port = 1022;
-    shell = "/bin/cryptsetup-askpass";
+    #shell = "/bin/cryptsetup-askpass";
     authorizedKeys = config.users.users.clerie.openssh.authorizedKeys.keys;
     hostKeys = [
       "/var/src/secrets/initrd/ssh_host_ed25519_key"
@@ -31,6 +31,13 @@
   boot.initrd.kernelModules = [ "igc" ];
   boot.kernelParams = [ "ip=dhcp" ];
 
+  boot.initrd.network.wireguard = {
+    enable = true;
+    ipv6s = [ "2a01:4f8:c0c:15f1::8110/128" ];
+    ipv4s = [ "10.20.30.110/32" ];
+    privateKeyFile = "/var/src/secrets/wireguard/wg-initrd";
+  };
+
   networking.hostName = "zinc";
 
   services.wg-clerie = {