Set up Wireguard
This commit is contained in:
parent
f8d6d12056
commit
2704bbab2b
GPG Key ID:
9893DA236405AF57
|
|
@ -43,4 +43,28 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
nssmdns = true;
|
nssmdns = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# VPN setup
|
||||||
|
systemd.network.netdevs."wg0" = {
|
||||||
|
netdevConfig = {
|
||||||
|
Kind = "wireguard";
|
||||||
|
Name = "wg0";
|
||||||
|
};
|
||||||
|
wireguardConfig.PrivateKeyFile = config.age.secrets.wireguard.path;
|
||||||
|
wireguardPeers = [{
|
||||||
|
wireguardPeerConfig = {
|
||||||
|
PublicKey = "GN8lqPBZYOulh6xD4GhkoEWI65HMMCpSxJSH5871YnU=";
|
||||||
|
AllowedIPs = [ "0.0.0.0/0" ];
|
||||||
|
Endpoint = "coolneng.duckdns.org:443";
|
||||||
|
};
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
systemd.network.networks."wg0" = {
|
||||||
|
matchConfig.Name = "wg0";
|
||||||
|
networkConfig = {
|
||||||
|
Address = "10.8.0.2/32";
|
||||||
|
DNS = "10.8.0.1";
|
||||||
|
};
|
||||||
|
routes = [{ routeConfig.Destination = "10.8.0.1"; }];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue