subnet parameters

2026-02-06 07:16:22 -06:00
parent 788ea5ad26
commit 00a43a5a48
4 changed files with 28 additions and 15 deletions
--- a/hosts/server/configuration.nix
+++ b/hosts/server/configuration.nix
@@ -78,8 +78,8 @@ in
          endpoint = "${config.my.ips.vps}:51820";
          allowedIPs = [
            "${config.my.ips.wg-vps}/32"
-            "${config.my.ips.wg-friends}/24" # all friends
-            "${config.my.ips.wg-gs}/24" # all friends
+            config.my.subnets.wg-friends
+            config.my.subnets.wg-guests
          ];
          persistentKeepalive = 25;
        }
--- a/hosts/vps/configuration.nix
+++ b/hosts/vps/configuration.nix
@@ -8,11 +8,11 @@ let
  externalInterface = config.my.interfaces.${config.networking.hostName};
  wgInterface = "wg0";
  homeServer = config.my.ips.wg-server;
-  wgFriendsSubnet = "${config.my.ips.wg-friends}/24";
-  wgGuestsSubnet = "${config.my.ips.wg-gs}/24";
-  wgServerSubnet = "${config.my.ips.wg-vps}/24";
+  wgFriendsSubnet = config.my.subnets.wg-friends;
+  wgGuestsSubnet = config.my.subnets.wg-guests;
+  wgServerSubnet = config.my.subnets.wg-homelab;
  wgFriend1 = config.my.ips.wg-friend1;
-  wgGuest1 = config.my.ips.wg-g1;
+  wgGuest1 = config.my.ips.wg-guest1;
  giteaSshPort = 22;
  giteaSshPortStr = toString giteaSshPort;
  sshPort = 3456;
--- a/modules/modules.nix
+++ b/modules/modules.nix
@@ -50,14 +50,9 @@ in
        miniserver = "192.168.1.100";
        workstation = "192.168.100.18";
        vps = "45.33.0.228";
-        wg-s = "10.77.0.0";
        wg-vps = "10.77.0.1";
        wg-server = "10.77.0.2";
-        wg-gs = "10.9.0.0";
-        wg-g0 = "10.9.0.1";
-        wg-g1 = "10.9.0.2";
-        wg-friends = "10.8.0.0";
-        wg-friend0 = "10.8.0.1";
+        wg-guest1 = "10.9.0.2";
        wg-friend1 = "10.8.0.2";
        wg-friend2 = "10.8.0.3";
        wg-friend3 = "10.8.0.4";
@@ -65,6 +60,24 @@ in
      };
      description = "Set of IP's for all my computers.";
    };
+    subnets = lib.mkOption {
+      type = lib.types.attrsOf lib.types.str;
+      default = {
+        wg-homelab = "10.77.0.0/24";
+        wg-friends = "10.8.0.0/24";
+        wg-guests = "10.9.0.0/24";
+      };
+      description = "Set of subnets for WireGuard networks.";
+    };
+    wgInterfaces = lib.mkOption {
+      type = lib.types.attrsOf lib.types.str;
+      default = {
+        wg-homelab = "10.77.0.1/24";
+        wg-friends = "10.8.0.1/24";
+        wg-guests = "10.9.0.1/24";
+      };
+      description = "WireGuard interface IPs for the VPS.";
+    };
    interfaces = lib.mkOption {
      type = lib.types.attrsOf lib.types.str;
      default = {
--- a/modules/services/wireguard.nix
+++ b/modules/services/wireguard.nix
@@ -14,9 +14,9 @@ in
      firewall.allowedUDPPorts = [ port ];
      wireguard.interfaces.wg0 = {
        ips = [
-          "${config.my.ips.wg-vps}/24"
-          "${config.my.ips.wg-friend0}/24"
-          "${config.my.ips.wg-g0}/24"
+          config.my.wgInterfaces.wg-homelab
+          config.my.wgInterfaces.wg-friends
+          config.my.wgInterfaces.wg-guests
        ];
        listenPort = port;
        postSetup = "";