39 lines
828 B
Nix
39 lines
828 B
Nix
{ config, ... }:
|
|
|
|
{
|
|
|
|
sops = {
|
|
secrets.wg-b-palladium = {
|
|
owner = "systemd-network";
|
|
group = "systemd-network";
|
|
};
|
|
};
|
|
|
|
systemd.network.netdevs."10-wg-b-palladium" = {
|
|
netdevConfig = {
|
|
Kind = "wireguard";
|
|
Name = "wg-b-palladium";
|
|
};
|
|
wireguardConfig = {
|
|
PrivateKeyFile = config.sops.secrets.wg-b-palladium.path;
|
|
};
|
|
wireguardPeers = [
|
|
{
|
|
PublicKey = "VstE42L1SmZCIShH5sOqcpVQOV0Xb9cFgljD0lhvKFQ=";
|
|
AllowedIPs = [ "fd90:37fd:ddec:d921::/64" ];
|
|
PersistentKeepalive = 25;
|
|
Endpoint = "backup-4.net.clerie.de:51844";
|
|
}
|
|
];
|
|
};
|
|
|
|
systemd.network.networks."10-wg-b-palladium" = {
|
|
matchConfig.Name = "wg-b-palladium";
|
|
address = [
|
|
"fd90:37fd:ddec:d921::2/64"
|
|
];
|
|
linkConfig.RequiredForOnline = "no";
|
|
};
|
|
|
|
}
|