25 lines
535 B
Nix
25 lines
535 B
Nix
|
{ config, ... }:
|
||
|
|
||
|
{
|
||
|
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
|
||
|
|
||
|
networking.wg-quick.interfaces = {
|
||
|
wg-dvb = {
|
||
|
# pubkey: 8iQQSCI14dObcrMw0/rZJxfvpOAhy3CU+haJq2nyIzc=
|
||
|
address = [ "10.13.37.1/32" ];
|
||
|
privateKeyFile = config.sops.secrets.wg-seckey.path;
|
||
|
listenPort = 51820;
|
||
|
peers = [
|
||
|
{
|
||
|
# Tassilo
|
||
|
publicKey = "vgo3le9xrFsIbbDZsAhQZpIlX+TuWjfEyUcwkoqUl2Y=";
|
||
|
allowedIPs = [ "10.13.37.2/32" ];
|
||
|
persistentKeepalive = 25;
|
||
|
}
|
||
|
];
|
||
|
};
|
||
|
};
|
||
|
}
|
||
|
|
||
|
|