21 lines
471 B
Nix
21 lines
471 B
Nix
{ config, hostsPath, ... }:
|
|
|
|
let
|
|
serverData = import (hostsPath + "/tatos/data.secret.nix");
|
|
in
|
|
{
|
|
age.secrets.wireguard-home-private = {
|
|
file = ./wireguard-home-private.age;
|
|
mode = "0400";
|
|
};
|
|
|
|
local.services.vpn.wireguard = {
|
|
enable = true;
|
|
ip = "10.20.30.3/24";
|
|
privateKeyFile = config.age.secrets.wireguard-home-private.path;
|
|
server = {
|
|
inherit (serverData) addr;
|
|
inherit (serverData.wireguard) port publicKey;
|
|
};
|
|
};
|
|
}
|