48 lines
1.3 KiB
Nix
48 lines
1.3 KiB
Nix
{ lib, ... }:
|
|
rec {
|
|
publicKey = {
|
|
"roam" = "yUbdRfRFFVe4FPUaD7pVByLRhpF9Yl1kethxRUHpVgs=";
|
|
"solo" = "SRDguh0aN/RH8q/uB09w/OZTbP9JZZy0ABowbWIfkTk=";
|
|
"c2" = "yJ1vrI9+qzUHuQJxeRDLCDCMRCIhF+0UNPwz3agyxTk=";
|
|
"fw" = "xpiJJMPhZEIEvNDBYRbnOsBeDCdKN1cHdYM95b9+rUY=";
|
|
};
|
|
wireguard-network = {
|
|
"roam" = {
|
|
publicKey = publicKey."roam";
|
|
ips = [ "10.10.11.1/32" ];
|
|
allowedIPs = [ "10.10.11.0/24" ];
|
|
endpoint = "185.163.117.158:51820";
|
|
persistentKeepalive = 17;
|
|
};
|
|
"solo" = {
|
|
publicKey = publicKey."solo";
|
|
ips = [ "10.10.11.2/32" ];
|
|
allowedIPs = [ "10.10.11.2/32" ];
|
|
persistentKeepalive = 13;
|
|
};
|
|
"c2" = {
|
|
publicKey = publicKey."c2";
|
|
ips = [ "10.10.11.3/32" ];
|
|
allowedIPs = [ "10.10.11.3/32" ];
|
|
persistentKeepalive = 19;
|
|
};
|
|
"fw" = {
|
|
publicKey = publicKey."fw";
|
|
ips = [ "10.10.11.4/32" ];
|
|
allowedIPs = [ "10.10.11.4/32" ];
|
|
persistentKeepalive = 23;
|
|
};
|
|
};
|
|
keyFile = "/var/secrets/wg.key";
|
|
|
|
# Helper method: `peers-for x` filters out `x` from wireguard-network
|
|
peers-for =
|
|
host:
|
|
map (lib.filterAttrs (n: _: n != "ips")) (
|
|
lib.attrValues (lib.filterAttrs (n: _: n != host) wireguard-network)
|
|
);
|
|
|
|
ips =
|
|
with builtins;
|
|
mapAttrs (name: value: head (lib.splitString "/" (head value.ips))) wireguard-network;
|
|
}
|