Noratrieb/vps
1
0
Fork 0
mirror of https://github.com/Noratrieb/vps.git synced 2026-01-14 08:45:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
vps/newinfra/nix/modules/wg-mesh/default.nix
Noratrieb 478b587a41 dynamic wireguard mesh
2024-07-31 20:17:10 +02:00

32 lines
885 B
Nix
Raw Blame History

{ name, config, networkingConfig, ... }:
let
wgSettings = (builtins.getAttr name networkingConfig).wg;
listenPort = 51820;
in
{
# TODO: put the actual setup here.
networking.hosts = {
"10.0.0.1" = [ "vps1.local" ];
"10.0.0.3" = [ "vps3.local" ];
};
age.secrets.wg_private.file = ../../secrets/wg_private_${name}.age;
networking.wg-quick.interfaces = {
wg0 = {
address = [ "${wgSettings.privateIP}/24" ];
inherit listenPort;
privateKeyFile = config.age.secrets.wg_private.path;
peers = map
(peer:
let peerConfig = (builtins.getAttr peer networkingConfig).wg;
in {
inherit (peerConfig) publicKey;
endpoint = "${peer}.infra.noratrieb.dev:${toString listenPort}";
allowedIPs = [ "${peerConfig.privateIP}/32" ];
}
)
wgSettings.peers;
};
};
}
Reference in a new issue View git blame Copy permalink