added dorm wireguard

2025-04-25 16:08:30 +02:00 · 2022-12-30 11:02:10 +01:00 · 2022-12-30 11:02:10 +01:00 · ad7938a056
commit ad7938a056
parent 084aa31503
2 changed files with 29 additions and 5 deletions
--- a/hosts/thinkpad/modules/networks/default.nix
+++ b/hosts/thinkpad/modules/networks/default.nix
@ -2,12 +2,15 @@
 {
  imports = [ ./uni.nix ];

-  sops.secrets."wireless-env" = { };
+  sops.secrets = {
+    "wireless-env" = { };
+    "wireguard/dorm/private" = { };
+    "wireguard/dorm/preshared" = { };
+  };
  networking = {
    hostName = "thinkpad";
    firewall = {
-      allowedUDPPorts = [ 51820 ]; # used for wireguard
-      checkReversePath = false;
+      #allowedUDPPorts = [ 51820 ]; # used for wireguard
    };
    wireless = {
      enable = true;
@ -27,5 +30,22 @@
        };
      };
    };
+    wg-quick.interfaces = {
+      Dorm = {
+        address = [ "10.10.10.3/32" ];
+        privateKeyFile = config.sops.secrets."wireguard/dorm/private".path; 
+        listenPort = 51820;
+        dns = [ "192.168.10.1" ];
+        autostart = false;
+        peers = [
+          {
+            publicKey = "vUmworuJFHjB4KUdkucQ+nzqO2ysARLomq4UuK1n430=";
+            presharedKeyFile = config.sops.secrets."wireguard/dorm/preshared".path; 
+            allowedIPs = [ "0.0.0.0/0" ];
+            endpoint = "dorm.vpn.rfive.de:51820";
+          }
+        ];
+      };
+    };
  };
 }