{ config, hostsPath, ... }: let serverData = import (hostsPath + "/tatos/data.secret.nix"); in { age.secrets.wireguard-asus-gl553vd-private = { file = ./wireguard-asus-gl553vd-private.age; mode = "0400"; }; local.services.vpn.wireguard = { enable = true; ip = "10.20.30.4/24"; privateKeyFile = config.age.secrets.wireguard-asus-gl553vd-private.path; server = { inherit (serverData) addr; inherit (serverData.wireguard) port publicKey; }; }; }