dadada/nix-config
dadada/nix-config
1
0
Fork 0
Code Issues 2 Pull requests 5 Projects Releases Packages Wiki Activity Actions

Updated VPN addresses

Browse source
This commit is contained in:
Tim Schubert 2022-04-10 14:20:56 +02:00
parent f7f6d03ee2
commit 04ee4a1507
Signed by: dadada
GPG key ID: EEB8D1CE62C4DFEA
2 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

6
nixos/modules/networking.nix
View file

@ -115,7 +115,7 @@ in
networking.wireguard.interfaces = mkIf (cfg.vpnExtension != null) {
bs = {
ips = [ "fd42:dead:beef:1337::${cfg.vpnExtension}/64" ];
ips = [ "fd42:9c3b:f96d::${cfg.vpnExtension}/64" ];
listenPort = 51234;
privateKeyFile = "/var/lib/wireguard/privkey";
@ -123,7 +123,7 @@ in
peers = [
{
publicKey = "lFB2DWtzp55ajV0Fk/OWdO9JlGvN9QsayYKQQHV3GEs=";
allowedIPs = [ "fd42:dead:beef::/48" ];
allowedIPs = [ "fd42:9c3b:f96d::/48" ];
endpoint = "bs.vpn.dadada.li:51234";
persistentKeepalive = 25;
}
@ -140,7 +140,7 @@ in
systemd.services.wg-reresolve-dns = mkIf (cfg.vpnExtension != null) {
serviceConfig.Type = "oneshot";
script = ''
${pkgs.wireguard-tools}/bin/wg set bs peer lFB2DWtzp55ajV0Fk/OWdO9JlGvN9QsayYKQQHV3GEs= endpoint bs.vpn.dadada.li:51234 persistent-keepalive 25 allowed-ips fd42:dead:beef::/48
${pkgs.wireguard-tools}/bin/wg set bs peer lFB2DWtzp55ajV0Fk/OWdO9JlGvN9QsayYKQQHV3GEs= endpoint bs.vpn.dadada.li:51234 persistent-keepalive 25 allowed-ips fd42:9c3b:f96d::/48
'';
};

4
nixos/modules/vpnServer.nix
View file

@ -36,12 +36,12 @@ in
networking.wireguard.interfaces."wg0" = {
allowedIPsAsRoutes = true;
privateKeyFile = "/var/lib/wireguard/wg0-key";
ips = [ "fd42:dead:beef:1337::0/64" ];
ips = [ "fd42:9c3b:f96d:0200::0/64" ];
listenPort = 51234;
peers = map
(peer: (
{
allowedIPs = [ "fd42:dead:beef:1337::${peer.id}/128" ];
allowedIPs = [ "fd42:9c3b:f96d:0200::${peer.id}/128" ];
publicKey = peer.key;
}))
(attrValues cfg.peers);