From 0ef23d4501592a192ba020a2ac34abb1a3d8fc5e Mon Sep 17 00:00:00 2001 From: Azat Bahawi Date: Sat, 11 Mar 2023 12:51:58 +0300 Subject: 2023-03-11 --- nixosConfigurations/manwe/default.nix | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) (limited to 'nixosConfigurations/manwe') diff --git a/nixosConfigurations/manwe/default.nix b/nixosConfigurations/manwe/default.nix index 12d929e..a47cd88 100644 --- a/nixosConfigurations/manwe/default.nix +++ b/nixosConfigurations/manwe/default.nix @@ -1,5 +1,6 @@ { config, + inputs, lib, ... }: @@ -34,6 +35,7 @@ with lib; { enable = true; domain = my.domain.azahi; }; + murmur.enable = true; radicale.enable = true; rss-bridge.enable = true; shadowsocks.enable = true; @@ -44,6 +46,35 @@ with lib; { vaultwarden.enable = true; }; + # To play old LAN games with the boys. + secrets."wireguard-private-key-70".file = "${inputs.self}/secrets/wireguard-private-key-70"; + networking = mkIf config.nixfiles.modules.wireguard.server.enable { + wireguard.interfaces.wg70 = { + ips = ["10.70.0.1/16"]; + listenPort = 7070; + privateKeyFile = config.secrets."wireguard-private-key-70".path; + peers = [ + { + publicKey = "@PUBLIC_KEY@"; + allowedIPs = ["10.70.1.1/32"]; + } + { + publicKey = "@PUBLIC_KEY@"; + allowedIPs = ["10.70.1.2/32"]; + } + { + publicKey = "@PUBLIC_KEY@"; + allowedIPs = ["10.70.1.3/32"]; + } + { + publicKey = "@PUBLIC_KEY@"; + allowedIPs = ["10.70.1.4/32"]; + } + ]; + }; + firewall.allowedUDPPorts = [7070]; + }; + boot = { loader.grub = { enable = true; -- cgit 1.4.1