Add Wireguard configuration

2021-03-12 12:08:22 +01:00 · 2021-03-12 12:08:22 +01:00 · 448e4dfda8
parent 20b73b364c
commit 448e4dfda8
1 changed files with 25 additions and 1 deletions
--- a/modules/networking.nix
+++ b/modules/networking.nix
@ -43,8 +43,32 @@
      1194 # Wireguard
    ];
    extraCommands = ''
-      iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
+      iptables -t nat -A POSTROUTING -s 10.9.0.0/24 -o eth0 -j MASQUERADE
    '';
  };

+  # Enable NAT for wireguard
+  networking.nat = {
+    enable = true;
+    externalInterface = "eth0";
+    internalInterfaces = [ "wg0" ];
+  };
+
+  # Wireguard setup
+  networking.wireguard.interfaces = {
+    wg0 = {
+      ips = [ "10.9.0.1/24" ];
+      listenPort = 1194;
+      privateKeyFile = "/home/coace/.wg/keys/privatekey";
+      peers = [
+        # Fernando
+        {
+          # Placeholder public key
+          publicKey = "XMkTztU2Y8hw6Fu/2o4Gszij+EmNacvFMXuZyHS1n38=";
+          allowedIPs = [ "10.9.0.2/32" ];
+        }
+      ];
+    };
+  };
+
 }