nixin-krops/modules/wireguard-client.nix

38 lines
836 B
Nix
Raw Normal View History

# Wireguard VPN client configuration
{ config, pkgs, lib, ... }:
let
inherit (lib) mkOption mkDefault;
in
{
options = {
nixin.wg.client = {
ipv4 = mkOption { };
ipv6 = mkOption { };
};
};
config = {
networking = {
wg-quick.interfaces = {
wg0 = {
address = [ config.nixin.wg.client.ipv4 config.nixin.wg.client.ipv6 ];
dns = [ "80.67.169.12" "80.67.169.40" "2001:910:800::12" "2001:910:800::40" ];
privateKeyFile = "/var/src/secrets/wg-private.key";
peers = [
{
publicKey = "cUmp55I20JEhxr+RMmOsX+6U9kcDiAq3grnvzjQ642w=";
allowedIPs = [ "0.0.0.0/0" "::/0" ];
endpoint = "vpn.lab12.fr:51812";
persistentKeepalive = 15;
}
];
};
};
};
};
}