2021-10-16 21:18:53 +03:00
|
|
|
{ config, ... }:
|
|
|
|
|
|
|
|
{
|
2022-05-26 19:09:26 +03:00
|
|
|
age.secrets.wireguard-key-wgmv = {
|
|
|
|
file = ../../../../secrets/wireguard-key-wgmv.age;
|
|
|
|
owner = "root";
|
|
|
|
group = "root";
|
|
|
|
mode = "0400";
|
|
|
|
};
|
2021-10-16 21:18:53 +03:00
|
|
|
|
|
|
|
networking.wireguard = {
|
|
|
|
enable = true;
|
2022-12-28 19:59:59 +02:00
|
|
|
interfaces.wgmv = {
|
2022-07-24 23:44:55 +03:00
|
|
|
ips = [ "10.65.193.152/32" ];
|
2022-05-26 19:09:26 +03:00
|
|
|
privateKeyFile = config.age.secrets.wireguard-key-wgmv.path;
|
|
|
|
allowedIPsAsRoutes = false;
|
|
|
|
peers = [
|
2022-12-28 19:59:59 +02:00
|
|
|
# es-mad-wg-102
|
2022-05-26 19:09:26 +03:00
|
|
|
{
|
2022-12-28 19:59:59 +02:00
|
|
|
publicKey = "1Wo/cQeVHX2q9k95nxN+48lgkGLsPQ+uesRb/9XdY1Y=";
|
2022-05-26 19:09:26 +03:00
|
|
|
allowedIPs = [ "10.64.0.1/32" "0.0.0.0/0" ];
|
2022-12-28 19:59:59 +02:00
|
|
|
endpoint = "45.134.213.207:51820";
|
|
|
|
}
|
|
|
|
# es-mad-wg-202
|
|
|
|
{
|
|
|
|
publicKey = "iehXacO91FbBqni2IFxedEYPlW2Wvvt9GtRPPPMo9zc=";
|
|
|
|
allowedIPs = [ "10.64.0.1/32" "0.0.0.0/0" ];
|
|
|
|
endpoint = "146.70.128.226:51820";
|
2022-05-26 19:09:26 +03:00
|
|
|
}
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
networking.interfaces = {
|
2022-12-28 19:59:59 +02:00
|
|
|
wgmv.ipv4.routes = [
|
2022-05-26 19:09:26 +03:00
|
|
|
{ address = "10.64.0.1"; prefixLength = 32; }
|
|
|
|
{ address = "10.124.0.0"; prefixLength = 16; }
|
|
|
|
];
|
2021-10-16 21:18:53 +03:00
|
|
|
};
|
|
|
|
}
|