wireguard

2025-05-26 23:15:15 +02:00 · 2025-05-26 23:15:15 +02:00 · bdccb2f265
commit bdccb2f265
parent 7268b56265
2 changed files with 10 additions and 5 deletions
--- a/mod/pc-common/network.nix
+++ b/mod/pc-common/network.nix
@ -1,4 +1,9 @@
-{ host, var, ... }:
+{
+  host,
+  var,
+  lib,
+  ...
+}:
 {
  hardware.bluetooth.enable = true;
  services.blueman.enable = true;
@ -18,7 +23,7 @@
        "onet" = {
          address = var.wg.wireguard-network.${host}.ips;
          privateKeyFile = var.wg.keyFile;
-          peers = var.wg.peers-for host;
+          peers = [ (lib.removeAttrs var.wg.wireguard-network."roam" [ "ips" ]) ];
        };
        "mullvad" =
          let
--- a/var/wg.nix
+++ b/var/wg.nix
@ -8,7 +8,7 @@ rec {
  wireguard-network = {
    "roam" = {
      publicKey = publicKey."roam";
-      ips = [ "10.10.11.1/24" ];
+      ips = [ "10.10.11.1/32" ];
      allowedIPs = [ "10.10.11.0/24" ];
      endpoint = "185.163.117.158:51820";
      persistentKeepalive = 17;
@ -20,8 +20,8 @@ rec {
    };
    "c2" = {
      publicKey = publicKey."c2";
-      ips = [ "10.10.11.2/24" ];
-      allowedIPs = [ "10.10.11.2/32" ];
+      ips = [ "10.10.11.3/24" ];
+      allowedIPs = [ "10.10.11.3/32" ];
    };
  };
  keyFile = "/var/secrets/wg.key";