Made wireguard work: 10.0.0.1 accessible

2026-01-12 02:17:20 +02:00
parent dd95e572ec
commit db5fce9c57
3 changed files with 17 additions and 8 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -2,11 +2,11 @@
  "nodes": {
    "nixpkgs": {
      "locked": {
-        "lastModified": 1767892417,
-        "narHash": "sha256-dhhvQY67aboBk8b0/u0XB6vwHdgbROZT3fJAjyNh5Ww=",
+        "lastModified": 1768127708,
+        "narHash": "sha256-1Sm77VfZh3mU0F5OqKABNLWxOuDeHIlcFjsXeeiPazs=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "3497aa5c9457a9d88d71fa93a4a8368816fbeeba",
+        "rev": "ffbc9f8cbaacfb331b6017d5a5abb21a492c9a38",
        "type": "github"
      },
      "original": {
--- a/hosts/puter/packages.nix
+++ b/hosts/puter/packages.nix
@@ -20,8 +20,6 @@
    # Modules
  ];

-  programs.ssh.startAgent = true;
-
  users.users.user.shell = pkgs.bash;
  users.users.user = {
    isNormalUser = true;
--- a/hosts/puter/wireguard.nix
+++ b/hosts/puter/wireguard.nix
@@ -3,7 +3,18 @@
  pkgs,
  ...
 }: {
-  environment.systemPackages = with pkgs; [
-    wireguard-tools
-  ];
+    networking.wireguard.interfaces = {
+      wg0 = {
+              ips = [ "10.0.0.3/32" ];
+              listenPort = 5553;
+              privateKeyFile = "/etc/wireguard/wg0.key";
+              peers = [
+              { # cloudhaus
+               publicKey = "SOqdU6uku2t0l8lGBDEnwDNHrb5Nk/64qA6++mGa+CI=";
+               allowedIPs = [ "10.0.0.1/32"];
+               endpoint = "46.62.255.194:51820";
+               persistentKeepalive = 25;
+              }];
+      };
+    };
 }