3 files changed, 37 insertions, 0 deletions

diff --git a/modules/default.nix b/modules/default.nix
index 083e63c..9aed9be 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -24,6 +24,11 @@
       description = "Home directory path of the user";
       default = "/home/${config.user}";
     };
+    dotfilesPath = lib.mkOption {
+      type = lib.types.str;
+      description = "Dotfiles path inside the users home dir";
+      default = "${config.homePath}/.config/nix";
+    };
     email = lib.mkOption {
       type = lib.types.str;
       description = "Primary email of the user";
diff --git a/modules/programs/default.nix b/modules/programs/default.nix
index d526fa2..79f3068 100644
--- a/modules/programs/default.nix
+++ b/modules/programs/default.nix
@@ -11,6 +11,7 @@
 		./neovim
 		./starship
 		./waybar
+		./wireguard
 		./wofi
 		./zsh
 	];
diff --git a/modules/programs/wireguard/default.nix b/modules/programs/wireguard/default.nix
new file mode 100644
index 0000000..8a0986e
--- /dev/null
+++ b/modules/programs/wireguard/default.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, ... }:
+
+{
+  config = lib.mkIf config.system.enable {
+
+    environment.systemPackages = with pkgs; [
+      wireguard-tools
+    ];
+
+    # TODO: remove this!!!
+    environment.etc = {
+      "resolv.conf".text = "nameserver 10.1.1.1\n";
+    };
+
+    networking.wireguard.enable = true;
+    networking.wireguard.interfaces = {
+      freyanet = {
+        ips = [ "10.2.0.2/32" "fd:cafe:dead:bee::2/128" "fe80::2/128" ];
+        privateKeyFile = "${config.dotfilesPath}/secrets/freyanet.key";
+
+        peers = [{
+          publicKey = "x0ykwakpYCvI/pG+nR83lNUyeOE9m54thnX3bvZ+FUk=";
+          allowedIPs = [ "10.0.0.0/12" "fd:cafe::/32" "fe80::/64" ];
+          endpoint = "freya.cat:41111";
+          persistentKeepalive = 25;
+        }];
+      };
+    };
+
+  };
+}