add freyanet and sops to thinkpad

author: Freya Murphy <freya@freyacat.org> 2025-07-02 20:07:50 -0400
committer: Freya Murphy <freya@freyacat.org> 2025-07-02 20:07:50 -0400
commit: b130948ddf03010ef7c2fc9b4b4841e41f5e6b73 (patch)
tree: e73fe706908fe79afeaab72157216584d7ad25ce /hosts/thinkpad/wireguard.nix
parent: add rosepine themes (diff)
download: dotfiles-nix-b130948ddf03010ef7c2fc9b4b4841e41f5e6b73.tar.gz
dotfiles-nix-b130948ddf03010ef7c2fc9b4b4841e41f5e6b73.tar.bz2
dotfiles-nix-b130948ddf03010ef7c2fc9b4b4841e41f5e6b73.zip
1 files changed, 27 insertions, 0 deletions
diff --git a/hosts/thinkpad/wireguard.nix b/hosts/thinkpad/wireguard.nix
new file mode 100644
index 0000000..84ba8d1
--- /dev/null
+++ b/hosts/thinkpad/wireguard.nix
@@ -0,0 +1,27 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  environment.systemPackages = with pkgs; [
+    wireguard-tools
+  ];
+
+  networking.wg-quick.interfaces = {
+    freyanet = {
+      address = ["10.2.0.10/32" "fd:cafe:dead:bee::10/128" "fe80::10/128"];
+      dns = ["10.3.0.138"];
+      privateKeyFile = config.sops.secrets.freyanetWg.path;
+      autostart = false;
+
+      peers = [
+        {
+          publicKey = "x0ykwakpYCvI/pG+nR83lNUyeOE9m54thnX3bvZ+FUk=";
+          allowedIPs = ["10.0.0.0/14" "fd:cafe::/32"];
+          endpoint = "cid.freya.cat:3000";
+          persistentKeepalive = 25;
+        }
+      ];
+    };
+  };
+}
author	Freya Murphy <freya@freyacat.org>	2025-07-02 20:07:50 -0400
committer	Freya Murphy <freya@freyacat.org>	2025-07-02 20:07:50 -0400
commit	b130948ddf03010ef7c2fc9b4b4841e41f5e6b73 (patch)
tree	e73fe706908fe79afeaab72157216584d7ad25ce /hosts/thinkpad/wireguard.nix
parent	add rosepine themes (diff)
download	dotfiles-nix-b130948ddf03010ef7c2fc9b4b4841e41f5e6b73.tar.gz dotfiles-nix-b130948ddf03010ef7c2fc9b4b4841e41f5e6b73.tar.bz2 dotfiles-nix-b130948ddf03010ef7c2fc9b4b4841e41f5e6b73.zip