feat: add wireguard VPN
M0NsTeRRR committed Dec 24, 2024
1 parent 8e00305 commit e200c17
Showing 3 changed files with 24 additions and 0 deletions.
1 change: 1 addition & 0 deletions system/modules/default.nix
@@ -19,5 +19,6 @@
./user.nix
./video.nix
./virtualisation.nix
./vpn.nix
];
}
2 changes: 2 additions & 0 deletions system/modules/user.nix
@@ -4,9 +4,11 @@

users.users.root.hashedPassword = "!";

users.groups.${username} = {};
users.users.${username} = {
isNormalUser = true;
initialPassword = "temp123";
group = username;
shell = pkgs.zsh;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
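Review bot: `initialPassword = "temp123";` sits in this hunk (apparently as unchanged context) on an account that is also in `wheel`, so a guessable password committed in clear text guards a sudo-capable user. NixOS also writes `initialPassword` values into the world-readable Nix store. Consider `initialHashedPassword = "<HASH_PLACEHOLDER>";` or `hashedPasswordFile` pointing at a root-only file instead, or drop the password and rely on the SSH keys that follow. The `users.users.${username}` attribute set continues past the end of the hunk, so the key list and any later password handling are not visible here.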
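--- a/system/modules/vpn.nix
+++ b/system/modules/vpn.nix
@@ -0,0 +1,21 @@
+{ username, ... }:
+{
+networking.wg-quick.interfaces = {
+homelab = {
+autostart = false;
+address = [ "192.168.4.12/32" "2a0c:b641:02c0:104::12/128" ];
+dns = [ "192.168.10.21" "192.168.10.22" "2a0c:b641:02c0:110::21" "2a0c:b641:02c0:110::22" "unicornafk.fr" ];
+privateKeyFile = "/home/${username}/wireguard-keys/homelab.priv";
+
+peers = [
+{
+publicKey = "S8x303fQKjZ2DI+dhbf4y4fGMYgv90mvipgG8XF8rl4=";
+presharedKeyFile = "/home/${username}/wireguard-keys/homelab.peer";
+allowedIPs = [ "0.0.0.0/0" "::/0" ];
+endpoint = "vpn.adminafk.fr:51820";
+persistentKeepalive = 25;
+}
+];
+};
+};
+}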
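Review bot: `privateKeyFile` and `presharedKeyFile` both point into `/home/${username}/wireguard-keys/`, a directory owned by the login user, and nothing in this module creates that directory or constrains its mode, so the secrecy of the tunnel keys depends on whatever permissions the files had when they were copied there. Consider a root-owned location readable only by root (mode 0600), for example an illustrative path such as `privateKeyFile = "/etc/wireguard/homelab.priv";`, or provisioning the files through the repository's secrets mechanism if it has one. A short comment above `allowedIPs` would also help, noting that `"0.0.0.0/0" "::/0"` makes this a full tunnel and that with `autostart = false` traffic leaves outside the VPN until the interface is brought up by hand.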
