eve-psr-nix0/nix/system/wireguard.nix

{ pkgs, config, lib, ...}: {
  networking.wireguard.interfaces = {
    wg0 = {
      ips = [ "192.168.3.1/24" ];
      listenPort = 51820;
      privateKeyFile = "/run/agenix/wireguard/server-private";

      peers = [
          #
          # James
          #
        { # Primary Cell
          publicKey = "jko+bd/y1+3X40/AGX9OpV2H/Wlb9C2Jwkfs4Knjljg=";
          allowedIPs = [ "192.168.3.2/32" ];
        }
          #
          # Caitlynn
          #
        { # Primary Cell
          publicKey = "Xbp3+huOWE0sTcWtk5BA2Qc4gk5vjFVgE6+qYJBpgkY=";
          allowedIPs = [ "192.168.3.3/32" ];
        }
      ];

      postSetup = ''
        ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 192.168.3.0/24 -o eth0 -j MASQUERADE
      '';
      postShutdown = ''
        ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 192.168.3.0/24 -o eth0 -j MASQUERADE
      '';
    };
	};
}
NixOS 24.11 upgrade; drop OpenVPN for WireGuard; clean up open ports 2024-12-05 09:19:27 -06:00			`{ pkgs, config, lib, ...}: {`
			`networking.wireguard.interfaces = {`
			`wg0 = {`
			`ips = [ "192.168.3.1/24" ];`
			`listenPort = 51820;`
			`privateKeyFile = "/run/agenix/wireguard/server-private";`

			`peers = [`
			`#`
			`# James`
			`#`
			`{ # Primary Cell`
			`publicKey = "jko+bd/y1+3X40/AGX9OpV2H/Wlb9C2Jwkfs4Knjljg=";`
			`allowedIPs = [ "192.168.3.2/32" ];`
			`}`
			`#`
			`# Caitlynn`
			`#`
			`{ # Primary Cell`
			`publicKey = "Xbp3+huOWE0sTcWtk5BA2Qc4gk5vjFVgE6+qYJBpgkY=";`
			`allowedIPs = [ "192.168.3.3/32" ];`
			`}`
			`];`

			`postSetup = ''`
			`${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 192.168.3.0/24 -o eth0 -j MASQUERADE`
			`'';`
			`postShutdown = ''`
			`${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 192.168.3.0/24 -o eth0 -j MASQUERADE`
			`'';`
			`};`
			`};`
			`}`