From b130948ddf03010ef7c2fc9b4b4841e41f5e6b73 Mon Sep 17 00:00:00 2001
From: Freya Murphy <freya@freyacat.org>
Date: Wed, 2 Jul 2025 20:07:50 -0400
Subject: add freyanet and sops to thinkpad

---
 hosts/thinkpad/wireguard.nix | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 hosts/thinkpad/wireguard.nix

(limited to 'hosts/thinkpad/wireguard.nix')

diff --git a/hosts/thinkpad/wireguard.nix b/hosts/thinkpad/wireguard.nix
new file mode 100644
index 0000000..84ba8d1
--- /dev/null
+++ b/hosts/thinkpad/wireguard.nix
@@ -0,0 +1,27 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  environment.systemPackages = with pkgs; [
+    wireguard-tools
+  ];
+
+  networking.wg-quick.interfaces = {
+    freyanet = {
+      address = ["10.2.0.10/32" "fd:cafe:dead:bee::10/128" "fe80::10/128"];
+      dns = ["10.3.0.138"];
+      privateKeyFile = config.sops.secrets.freyanetWg.path;
+      autostart = false;
+
+      peers = [
+        {
+          publicKey = "x0ykwakpYCvI/pG+nR83lNUyeOE9m54thnX3bvZ+FUk=";
+          allowedIPs = ["10.0.0.0/14" "fd:cafe::/32"];
+          endpoint = "cid.freya.cat:3000";
+          persistentKeepalive = 25;
+        }
+      ];
+    };
+  };
+}
-- 
cgit v1.2.3-freya