37 lines
880 B
Nix
37 lines
880 B
Nix
# Wireguard VPN client configuration
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
let
|
|
inherit (lib) mkOption mkDefault;
|
|
|
|
in
|
|
{
|
|
options = {
|
|
nixin.wg.client = {
|
|
ipv4 = mkOption { type = lib.types.str; };
|
|
ipv6 = mkOption { type = lib.types.str; };
|
|
};
|
|
};
|
|
|
|
config = {
|
|
networking = {
|
|
wg-quick.interfaces = {
|
|
wg0 = {
|
|
address = [ config.nixin.wg.client.ipv4 config.nixin.wg.client.ipv6 ];
|
|
dns = [ "80.67.169.12" "80.67.169.40" "2001:910:800::12" "2001:910:800::40" ];
|
|
privateKeyFile = "/var/src/secrets/wg-private.key";
|
|
|
|
peers = [
|
|
{
|
|
publicKey = "cUmp55I20JEhxr+RMmOsX+6U9kcDiAq3grnvzjQ642w=";
|
|
allowedIPs = [ "0.0.0.0/0" "::/0" ];
|
|
endpoint = "vpn.lab12.fr:51812";
|
|
persistentKeepalive = 15;
|
|
}
|
|
];
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
}
|