panacea/modules/networking.nix

56 lines
1.2 KiB
Nix
Raw Normal View History

{ config, lib, pkgs, ... }:
{
# Set hostname, hostid and enable WiFi
networking = {
hostName = "panacea";
2020-05-08 21:53:52 +02:00
hostId = "8feb0bb8";
wireless.iwd.enable = true;
2020-07-17 12:07:57 +02:00
enableIPv6 = false;
};
# Enable zeroconf
services.avahi = {
enable = true;
nssmdns = true;
};
# Wireguard setup
networking.wg-quick.interfaces = {
home = {
2020-06-10 01:19:20 +02:00
address = [ "10.8.0.2/32" ];
2021-08-09 02:10:51 +02:00
privateKeyFile = config.age.secrets.wireguard.path;
2020-12-01 11:05:38 +01:00
dns = [ "10.8.0.1" ];
peers = [
# zion
{
publicKey = "GN8lqPBZYOulh6xD4GhkoEWI65HMMCpSxJSH5871YnU=";
allowedIPs = [ "0.0.0.0/0" ];
endpoint = "coolneng.duckdns.org:1194";
}
];
};
coace = {
2021-03-17 13:10:11 +01:00
address = [ "10.9.0.2/32" ];
2021-08-09 02:10:51 +02:00
privateKeyFile = config.age.secrets.wireguard.path;
2021-03-17 13:10:11 +01:00
peers = [
# unit
{
publicKey = "SYfPEKJkO3HaCiQdV/iionsS6CEjLcLt9C0x0Ib3tEU=";
allowedIPs = [ "10.9.0.1/32" "10.0.1.0/24" "10.0.0.0/24" ];
2021-03-30 16:08:08 +02:00
endpoint = "coace.duckdns.org:1194";
2021-03-17 13:10:11 +01:00
}
];
};
};
# Enable localhost SSH
services.openssh = {
enable = true;
permitRootLogin = "yes";
passwordAuthentication = false;
openFirewall = false;
startWhenNeeded = true;
};
}