wireguard for gemini
This commit is contained in:
parent
58768d0378
commit
b5b211e36f
SSH key fingerprint:
SHA256:yz2SoxdnY67tfY5Jzb0f2v8f5W3o/IF359kbcquWip8
2 changed files with 25 additions and 1 deletions
|
|
@ -21,7 +21,30 @@
|
|||
|
||||
# Open ports in the firewall.
|
||||
networking.firewall.allowedTCPPorts = [ 22 ];
|
||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||
networking.firewall.allowedUDPPorts = [ 51820 ];
|
||||
|
||||
|
||||
networking.wg-quick.interfaces = {
|
||||
wg0 = {
|
||||
address = [
|
||||
"10.100.0.4/32"
|
||||
];
|
||||
|
||||
listenPort = 51820;
|
||||
|
||||
# Path to the private key file.
|
||||
privateKeyFile = "/etc/nixos/hosts/gemini/wg.key";
|
||||
|
||||
peers = [{
|
||||
publicKey = "atXy3zi3FLoxP8hgzJIIeLGks4Te9HrKkQGoaobholM=";
|
||||
presharedKey = "Z3pRS99HKCOuQV7az2GqlR3X4XbX3PlfQrC5AoT3XkA=";
|
||||
allowedIPs = [ "10.100.0.0/24" ];
|
||||
endpoint = "moms_wg.wg.stitchy.moe:47111";
|
||||
persistentKeepalive = 25;
|
||||
}];
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
system.stateVersion = "23.05"; # Did you read the comment?
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,6 +12,7 @@
|
|||
pinentry
|
||||
wget
|
||||
python3
|
||||
cyrus-sasl-xoauth2
|
||||
libnotify
|
||||
networkmanager-openvpn
|
||||
eza
|
||||
|
|
|
|||
Loading…
Reference in a new issue