59 lines
1.3 KiB
Nix
59 lines
1.3 KiB
Nix
{ lib, config, pkgs, ... }: {
|
|
environment = {
|
|
systemPackages = with pkgs; [
|
|
wireguard-tools
|
|
];
|
|
};
|
|
|
|
networking = {
|
|
hostName = config.system.name;
|
|
useDHCP = false;
|
|
useNetworkd = true;
|
|
|
|
firewall = {
|
|
interfaces.management.allowedTCPPorts = [ 8080 ];
|
|
};
|
|
|
|
wireless.iwd = {
|
|
enable = true;
|
|
settings = {
|
|
# systemd-networkd gets confused if we hop between networks and doesn't redo DHCP
|
|
General.EnableNetworkConfiguration = true;
|
|
DriverQuirks.DefaultInterface = "*";
|
|
};
|
|
};
|
|
};
|
|
|
|
systemd = {
|
|
network = {
|
|
wait-online.enable = false;
|
|
netdevs = {
|
|
"10-management" = {
|
|
netdevConfig = {
|
|
Name = "management";
|
|
Kind = "wireguard";
|
|
};
|
|
wireguardConfig = {
|
|
PrivateKeyFile = "/etc/qclk/wg.key";
|
|
RouteTable = "main";
|
|
};
|
|
wireguardPeers = [
|
|
{
|
|
Endpoint = "94.142.240.44:51821";
|
|
PublicKey = "itMQ2DlPEMdJFlIZRQkwa+Mv7cLc9d4zgfzlljEtLn4=";
|
|
AllowedIPs = [ "10.100.4.1/32" ];
|
|
PersistentKeepalive = 15;
|
|
}
|
|
];
|
|
};
|
|
};
|
|
networks = {
|
|
"10-ethernet" = {
|
|
matchConfig.Name = "ethernet";
|
|
DHCP = "yes";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|