system/hosts/asus-gl553vd/configs/wireguard/default.nix

21 lines
495 B
Nix

{ config, hostsPath, ... }:
let
serverData = import (hostsPath + "/tatos/data.secret.nix");
in
{
age.secrets.wireguard-asus-gl553vd-private = {
file = ./wireguard-asus-gl553vd-private.age;
mode = "0400";
};
local.services.vpn.wireguard = {
enable = true;
ip = "10.20.30.4/24";
privateKeyFile = config.age.secrets.wireguard-asus-gl553vd-private.path;
server = {
inherit (serverData) addr;
inherit (serverData.wireguard) port publicKey;
};
};
}