wip: wireguard tunnel configurations

This commit is contained in:
Michael Thomas 2024-04-15 23:51:39 +00:00
parent e3020dd7b5
commit 8754bea418
3 changed files with 43 additions and 1 deletions

View File

@ -15,6 +15,25 @@
PasswordAuthentication = false;
};
environment.systemPackages = with pkgs; [ wireguard-tools ];
# Wireguard tunnel
age.secrets.wireguardOracle.file = "../../secrets/wireguard-oracle.age";
networking.wg-quick.interfaces = {
wg0 = {
address = [ "10.0.10.1/24" ];
listenPort = 51820;
privateKeyFile = config.age.secrets.wireguardOracle.path;
peers = [
{
publicKey = "iKJO9Q8LsdCdApapTX9CJmrtAKn1TYhg4YUiBUBPzmo=";
allowedIPs = "10.0.10.2/32";
};
];
};
};
programs.zsh.enable = true;
environment.variables.EDITOR = "nvim";

View File

@ -1,4 +1,4 @@
{pkgs, ...}: {
{pkgs, config, ...}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
@ -6,6 +6,24 @@
networking.hostName = "venus"; # Define your hostname.
# Wireguard tunnel to oracle
age.secrets.wireguardThinkcentre.file = "../../secrets/wireguard-thinkcentre.age";
networking.wg-quick.interfaces = {
wg0 = {
address = [ "10.0.10.2/32" ];
listenPort = 51820;
privateKeyFile = config.age.secrets.wireguardThinkcentre.path;
peers = [
{
publicKey = "sdqT2l1HRe9rDYejJ+luQK8zdC+/KqDuQ1rpvZq/KlQ=";
endpoint = "150.136.162.107:51820";
allowedIPs = "10.0.10.1/24";
};
];
};
};
# Set your time zone.
time.timeZone = "America/New_York";

View File

@ -0,0 +1,5 @@
age-encryption.org/v1
-> ssh-ed25519 XlaGxQ 64T+sKc6cuLGJpF2mjdRoLupmh4r4xDJYWnz2XtW5yw
Fn2imf2lLbjRLQOG7FP844OfmLm2uX3zz+mEy4k4PbM
--- hVrfmKh1csvwWIvzvdcOiJVM9+KzG1xLr5eYj9qZ3oE
˜Þý³nñ¤ý»zkXI `{#.=×,ÀÃî`W<>ghÇüc.”Õ[´JÔÐdÑØV,ëß–&iz¯¥˜ÎLÚ9Bì"u}ºÍŸ