systems/afrodite/networking.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47

{lib, ...}: {
  networking = {
    hostName = "afrodite";
    useDHCP = lib.mkDefault true;

    nameservers = [ "208.67.222.222" "208.67.220.220" ];

    firewall = {
      enable = true;

      allowedTCPPorts = [ 22 80 443 ];
      allowedUDPPorts = [ 53 51820 ];
    };

    networkmanager.enable = true;

    wg-quick.interfaces."home" = {
      privateKeyFile = "/home/leo/.wireguard/home";
      address = [ "10.69.0.1/24" ];

      listenPort = 51820;

      peers = [
        {
          publicKey = "GX/1ks+T1OcBsW7XiMIN1k2/azaCWH69eGh9dltfJhU=";
          allowedIPs = [ "10.69.0.2/32" ];
          persistentKeepalive = 25;
        }
        {
          publicKey = "99XBoIZ55yradB45bDZ94fc1IQGkNp9argWaT2otRBU=";
          allowedIPs = [ "10.69.0.3/32" ];
          persistentKeepalive = 25;
        }
        #{
        #  publicKey = "";
        #  allowedIPs = [ "10.69.0.4/32" ];
        #  persistentKeepalive = 25;
        #}
        {
          publicKey = "bMgACe4Pp2VQ0lpMb0Q2RVw/n5KIIg20xT90eesxcEw=";
          allowedIPs = [ "10.69.0.5/32" ];
          persistentKeepalive = 25;
        }
      ];
    };
  };
}