system/hosts/home/configs/wireguard/default.nix

22 lines
471 B
Nix
Raw Normal View History

{ config, hostsPath, ... }:
2024-04-16 02:51:46 +03:00
let
serverData = import (hostsPath + "/tatos/data.secret.nix");
2024-04-16 02:51:46 +03:00
in
{
age.secrets.wireguard-home-private = {
file = ./wireguard-home-private.age;
mode = "0400";
};
local.services.vpn.wireguard = {
enable = true;
ip = "10.20.30.3/24";
privateKeyFile = config.age.secrets.wireguard-home-private.path;
server = {
inherit (serverData) addr;
inherit (serverData.wireguard) port publicKey;
};
};
}