subnet parameters

Danilo Reyes
2026-02-06 07:16:22 -06:00
parent 788ea5ad26
commit 00a43a5a48
4 changed files with 28 additions and 15 deletions


@@ -78,8 +78,8 @@ in
endpoint = "${config.my.ips.vps}:51820"; endpoint = "${config.my.ips.vps}:51820";
allowedIPs = [ allowedIPs = [
"${config.my.ips.wg-vps}/32" "${config.my.ips.wg-vps}/32"
"${config.my.ips.wg-friends}/24" # all friends config.my.subnets.wg-friends
"${config.my.ips.wg-gs}/24" # all friends config.my.subnets.wg-guests
]; ];
persistentKeepalive = 25; persistentKeepalive = 25;
} }
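Review bot: The two subnet entries in `allowedIPs` lose their trailing comments in the new code, so nothing here says that this peer accepts tunnel traffic sourced from every friends and guests address. WireGuard uses `allowedIPs` both for routing and as the inbound source filter, so any limit on what a guest can reach on this host has to come from firewall rules that are not visible in this hunk. I would add a comment such as `# whole friends subnet, reached through the VPS peer; access limits live in the firewall, not here` on the friends line and the matching one on the guests line, assuming that is indeed where the limits are enforced. The old guests line carried the copy-pasted comment `# all friends`, so this is also the place to correct it. The peer block starts outside the hunk.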


@@ -8,11 +8,11 @@ let
externalInterface = config.my.interfaces.${config.networking.hostName}; externalInterface = config.my.interfaces.${config.networking.hostName};
wgInterface = "wg0"; wgInterface = "wg0";
homeServer = config.my.ips.wg-server; homeServer = config.my.ips.wg-server;
wgFriendsSubnet = "${config.my.ips.wg-friends}/24"; wgFriendsSubnet = config.my.subnets.wg-friends;
wgGuestsSubnet = "${config.my.ips.wg-gs}/24"; wgGuestsSubnet = config.my.subnets.wg-guests;
wgServerSubnet = "${config.my.ips.wg-vps}/24"; wgServerSubnet = config.my.subnets.wg-homelab;
wgFriend1 = config.my.ips.wg-friend1; wgFriend1 = config.my.ips.wg-friend1;
wgGuest1 = config.my.ips.wg-g1; wgGuest1 = config.my.ips.wg-guest1;
giteaSshPort = 22; giteaSshPort = 22;
giteaSshPortStr = toString giteaSshPort; giteaSshPortStr = toString giteaSshPort;
sshPort = 3456; sshPort = 3456;
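Review bot: `wgServerSubnet` changes value here, not only where it is read from. It was `config.my.ips.wg-vps` with `/24` appended and is now `config.my.subnets.wg-homelab`, which by the defaults in this commit means `10.77.0.1/24` before and `10.77.0.0/24` after. A CIDR matcher treats the two the same, but the rules that consume this binding are outside the hunk, so it is worth confirming that none of them compares or embeds the string in a way that depends on the host form. The binding name also no longer matches the attribute it reads; `wgHomelabSubnet = config.my.subnets.wg-homelab;` would keep the firewall rules readable, at the cost of renaming its uses further down the file.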


@@ -50,14 +50,9 @@ in
miniserver = "192.168.1.100"; miniserver = "192.168.1.100";
workstation = "192.168.100.18"; workstation = "192.168.100.18";
vps = "45.33.0.228"; vps = "45.33.0.228";
wg-s = "10.77.0.0";
wg-vps = "10.77.0.1"; wg-vps = "10.77.0.1";
wg-server = "10.77.0.2"; wg-server = "10.77.0.2";
wg-gs = "10.9.0.0"; wg-guest1 = "10.9.0.2";
wg-g0 = "10.9.0.1";
wg-g1 = "10.9.0.2";
wg-friends = "10.8.0.0";
wg-friend0 = "10.8.0.1";
wg-friend1 = "10.8.0.2"; wg-friend1 = "10.8.0.2";
wg-friend2 = "10.8.0.3"; wg-friend2 = "10.8.0.3";
wg-friend3 = "10.8.0.4"; wg-friend3 = "10.8.0.4";
@@ -65,6 +60,24 @@ in
}; };
description = "Set of IP's for all my computers."; description = "Set of IP's for all my computers.";
}; };
subnets = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
default = {
wg-homelab = "10.77.0.0/24";
wg-friends = "10.8.0.0/24";
wg-guests = "10.9.0.0/24";
};
description = "Set of subnets for WireGuard networks.";
};
wgInterfaces = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
default = {
wg-homelab = "10.77.0.1/24";
wg-friends = "10.8.0.1/24";
wg-guests = "10.9.0.1/24";
};
description = "WireGuard interface IPs for the VPS.";
};
interfaces = lib.mkOption { interfaces = lib.mkOption {
type = lib.types.attrsOf lib.types.str; type = lib.types.attrsOf lib.types.str;
default = { default = {
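Review bot: The new `subnets` and `wgInterfaces` options state the same three prefixes twice as free-form strings, and nothing ties an interface address, or a peer address left in `ips`, to the subnet of the same name. If one set is overridden without the other, rules built from `config.my.subnets.*` would presumably stop matching the addresses actually in use, and that kind of drift in friends/guests segmentation fails silently. Tightening the type catches malformed values at evaluation time, for example `type = lib.types.attrsOf (lib.types.strMatching "[0-9]+(\\.[0-9]+){3}/[0-9]+");` on both options. A module assertion that each `wgInterfaces` entry shares its prefix with the `subnets` entry of the same name, or deriving one set from the other, would remove the duplication. The descriptions could also say which of the two is meant for firewall rules and which for interface configuration.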


@@ -14,9 +14,9 @@ in
firewall.allowedUDPPorts = [ port ]; firewall.allowedUDPPorts = [ port ];
wireguard.interfaces.wg0 = { wireguard.interfaces.wg0 = {
ips = [ ips = [
"${config.my.ips.wg-vps}/24" config.my.wgInterfaces.wg-homelab
"${config.my.ips.wg-friend0}/24" config.my.wgInterfaces.wg-friends
"${config.my.ips.wg-g0}/24" config.my.wgInterfaces.wg-guests
]; ];
listenPort = port; listenPort = port;
postSetup = ""; postSetup = "";