From 00a43a5a480b2bf1bce2e8e252fc7c68194c017a Mon Sep 17 00:00:00 2001
From: Danilo Reyes
Date: Fri, 6 Feb 2026 07:16:22 -0600
Subject: [PATCH] subnet parameters
---
 hosts/server/configuration.nix | 4 ++--
 hosts/vps/configuration.nix | 8 ++++----
 modules/modules.nix | 25 +++++++++++++++++++------
 modules/services/wireguard.nix | 6 +++---
 4 files changed, 28 insertions(+), 15 deletions(-)
diff --git a/hosts/server/configuration.nix b/hosts/server/configuration.nix
index 2e05411..c23b2d8 100644
--- a/hosts/server/configuration.nix
+++ b/hosts/server/configuration.nix
@@ -78,8 +78,8 @@ in
 endpoint = "${config.my.ips.vps}:51820";
 allowedIPs = [
 "${config.my.ips.wg-vps}/32"
- "${config.my.ips.wg-friends}/24" # all friends
- "${config.my.ips.wg-gs}/24" # all friends
+ config.my.subnets.wg-friends
+ config.my.subnets.wg-guests
 ];
 persistentKeepalive = 25;
 }
diff --git a/hosts/vps/configuration.nix b/hosts/vps/configuration.nix
index 99e4aaa..4a23546 100644
--- a/hosts/vps/configuration.nix
+++ b/hosts/vps/configuration.nix
@@ -8,11 +8,11 @@ let
 externalInterface = config.my.interfaces.${config.networking.hostName};
 wgInterface = "wg0";
 homeServer = config.my.ips.wg-server;
- wgFriendsSubnet = "${config.my.ips.wg-friends}/24";
- wgGuestsSubnet = "${config.my.ips.wg-gs}/24";
- wgServerSubnet = "${config.my.ips.wg-vps}/24";
+ wgFriendsSubnet = config.my.subnets.wg-friends;
+ wgGuestsSubnet = config.my.subnets.wg-guests;
+ wgServerSubnet = config.my.subnets.wg-homelab;
 wgFriend1 = config.my.ips.wg-friend1;
- wgGuest1 = config.my.ips.wg-g1;
+ wgGuest1 = config.my.ips.wg-guest1;
 giteaSshPort = 22;
 giteaSshPortStr = toString giteaSshPort;
 sshPort = 3456;
diff --git a/modules/modules.nix b/modules/modules.nix
index 048623c..2704395 100644
--- a/modules/modules.nix
+++ b/modules/modules.nix
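Review bot: In hosts/vps/configuration.nix, `wgServerSubnet` changes value as well as source: the old binding was `"${config.my.ips.wg-vps}/24"`, which is 10.77.0.1/24 with the defaults in modules/modules.nix, while `config.my.subnets.wg-homelab` defaults to 10.77.0.0/24. The friends and guests bindings resolve to the same strings as before, so only the homelab one moves from a host address to the network address. The rest of the `let` block and whatever consumes these names lie outside the hunk; assuming they feed the forwarding or NAT rules, it is worth comparing the generated ruleset before and after to confirm the homelab match is unchanged. A one-line comment such as `# homelab tunnel network (10.77.0.0/24 by default), not the VPS host address` would also explain why the name says "server" while the key says "homelab".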
@@ -50,14 +50,9 @@ in
 miniserver = "192.168.1.100";
 workstation = "192.168.100.18";
 vps = "45.33.0.228";
- wg-s = "10.77.0.0";
 wg-vps = "10.77.0.1";
 wg-server = "10.77.0.2";
- wg-gs = "10.9.0.0";
- wg-g0 = "10.9.0.1";
- wg-g1 = "10.9.0.2";
- wg-friends = "10.8.0.0";
- wg-friend0 = "10.8.0.1";
+ wg-guest1 = "10.9.0.2";
 wg-friend1 = "10.8.0.2";
 wg-friend2 = "10.8.0.3";
 wg-friend3 = "10.8.0.4";
@@ -65,6 +60,24 @@ in
 };
 description = "Set of IP's for all my computers.";
 };
+ subnets = lib.mkOption {
+ type = lib.types.attrsOf lib.types.str;
+ default = {
+ wg-homelab = "10.77.0.0/24";
+ wg-friends = "10.8.0.0/24";
+ wg-guests = "10.9.0.0/24";
+ };
+ description = "Set of subnets for WireGuard networks.";
+ };
+ wgInterfaces = lib.mkOption {
+ type = lib.types.attrsOf lib.types.str;
+ default = {
+ wg-homelab = "10.77.0.1/24";
+ wg-friends = "10.8.0.1/24";
+ wg-guests = "10.9.0.1/24";
+ };
+ description = "WireGuard interface IPs for the VPS.";
+ };
 interfaces = lib.mkOption {
 type = lib.types.attrsOf lib.types.str;
 default = {
diff --git a/modules/services/wireguard.nix b/modules/services/wireguard.nix
index ee6a686..3af3905 100644
--- a/modules/services/wireguard.nix
+++ b/modules/services/wireguard.nix
@@ -14,9 +14,9 @@ in
 firewall.allowedUDPPorts = [ port ];
 wireguard.interfaces.wg0 = {
 ips = [
- "${config.my.ips.wg-vps}/24"
- "${config.my.ips.wg-friend0}/24"
- "${config.my.ips.wg-g0}/24"
+ config.my.wgInterfaces.wg-homelab
+ config.my.wgInterfaces.wg-friends
+ config.my.wgInterfaces.wg-guests
 ];
 listenPort = port;
 postSetup = "";
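Review bot: Both options added in the second hunk of modules/modules.nix, `subnets` and `wgInterfaces`, are typed `lib.types.attrsOf lib.types.str`, so a malformed prefix, or an interface address outside its subnet, evaluates cleanly and only shows up later as a wrong AllowedIPs entry or interface address. A stricter element type would catch typos at evaluation time, for example `type = lib.types.attrsOf (lib.types.strMatching "[0-9]+(\\.[0-9]+){3}/[0-9]+");`. Because the three networks are supplied through `default`, a host that defines a single key replaces the whole set rather than overriding one entry, and the `description` strings should say so. The first hunk's removal of `wg-s`, `wg-gs`, `wg-g0`, `wg-g1`, `wg-friends` and `wg-friend0` from `ips` is safe only if no file outside this diff still reads them; a leftover reference fails at evaluation rather than silently.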
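Review bot: The `ips` list in modules/services/wireguard.nix still puts the homelab, friends and guests addresses on the single interface `wg0`, and nothing at this site says which network each entry is or what keeps them apart. The resolved values are the same as before (10.77.0.1/24, 10.8.0.1/24 and 10.9.0.1/24 with the defaults), so this is a documentation point only. I would add a comment above the list along the lines of `# one address per network on wg0; separation of homelab, friends and guests relies on per-peer allowedIPs and the VPS firewall`, after confirming the firewall part, which this diff does not show. The `wg0` attribute set continues past the end of the hunk.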