jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

new wireguard connections
Some checks failed
MCP Tests / mcp-tests (push) Failing after 5s
Details

Browse Source
This commit is contained in:
Danilo Reyes
2026-02-06 19:22:36 -06:00
parent a8dda9d32d
commit 95c6cefd24
3 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
hosts/vps/configuration.nix
View File

@@ -12,6 +12,7 @@ let
homeServer = config.my.ips.wg-server; homeServer = config.my.ips.wg-server;
wgFriend1 = config.my.ips.wg-friend1; wgFriend1 = config.my.ips.wg-friend1;
wgGuest1 = config.my.ips.wg-guest1; wgGuest1 = config.my.ips.wg-guest1;
wgGuest2 = config.my.ips.wg-guest2;
}; };
subnets = { subnets = {
wgFriends = config.my.subnets.wg-friends; wgFriends = config.my.subnets.wg-friends;
@@ -102,6 +103,7 @@ in
iifname "${wgInterface}" ip saddr ${subnets.wgFriends} ip daddr ${ips.homeServer}/32 icmp type echo-request accept iifname "${wgInterface}" ip saddr ${subnets.wgFriends} ip daddr ${ips.homeServer}/32 icmp type echo-request accept
iifname "${wgInterface}" ip saddr ${ips.wgFriend1}/32 ip daddr ${ips.homeServer}/32 tcp dport ${portsStr.stash} accept iifname "${wgInterface}" ip saddr ${ips.wgFriend1}/32 ip daddr ${ips.homeServer}/32 tcp dport ${portsStr.stash} accept
iifname "${wgInterface}" ip saddr ${ips.wgGuest1}/32 ip daddr ${ips.homeServer}/32 tcp dport ${portsStr.stash} accept iifname "${wgInterface}" ip saddr ${ips.wgGuest1}/32 ip daddr ${ips.homeServer}/32 tcp dport ${portsStr.stash} accept
iifname "${wgInterface}" ip saddr ${ips.wgGuest2}/32 ip daddr ${ips.homeServer}/32 tcp dport ${portsStr.stash} accept
iifname "${wgInterface}" ip saddr ${subnets.wgGuests} ip daddr ${ips.homeServer}/32 icmp type echo-request accept iifname "${wgInterface}" ip saddr ${subnets.wgGuests} ip daddr ${ips.homeServer}/32 icmp type echo-request accept
iifname "${wgInterface}" ip saddr ${subnets.wgFriends} oifname "${externalInterface}" accept iifname "${wgInterface}" ip saddr ${subnets.wgFriends} oifname "${externalInterface}" accept

4
modules/modules.nix
View File

@@ -53,11 +53,15 @@ in
vps = "45.79.25.87"; vps = "45.79.25.87";
wg-vps = "10.77.0.1"; wg-vps = "10.77.0.1";
wg-server = "10.77.0.2"; wg-server = "10.77.0.2";
wg-galaxy = "10.77.0.3";
wg-phone = "10.77.0.4";
wg-guest1 = "10.9.0.2"; wg-guest1 = "10.9.0.2";
wg-guest2 = "10.9.0.3";
wg-friend1 = "10.8.0.2"; wg-friend1 = "10.8.0.2";
wg-friend2 = "10.8.0.3"; wg-friend2 = "10.8.0.3";
wg-friend3 = "10.8.0.4"; wg-friend3 = "10.8.0.4";
wg-friend4 = "10.8.0.5"; wg-friend4 = "10.8.0.5";
wg-friend5 = "10.8.0.6";
}; };
description = "Set of IP's for all my computers."; description = "Set of IP's for all my computers.";
}; };

16
modules/services/wireguard.nix
View File

@@ -43,6 +43,22 @@ in
publicKey = "yg+2miZCrx89znFaUlU/le/7UIPgEAMY74fZfEwz8g4="; publicKey = "yg+2miZCrx89znFaUlU/le/7UIPgEAMY74fZfEwz8g4=";
allowedIPs = [ "${config.my.ips.wg-friend4}/32" ]; allowedIPs = [ "${config.my.ips.wg-friend4}/32" ];
} }
{
publicKey = "u4/6ZYO7lUJZ9QmSlFPUaadq25gwDljjhsfgs/p2amc=";
allowedIPs = [ "${config.my.ips.wg-friend5}/32" ];
}
{
publicKey = "NvhUnErIb0/hi+Hui/o5l5Pq4ZysFVIn1VBPsjoTeCk=";
allowedIPs = [ "${config.my.ips.wg-guest2}/32" ];
}
{
publicKey = "BwN4uCkMd6eAS5Ugld0oXnA16IhgEEQF8mOJ3+vHliA=";
allowedIPs = [ "${config.my.ips.wg-galaxy}/32" ];
}
{
publicKey = "R1xUFOuboQf/yy8ShiXqoCPaPcH3Cn0n4PAWB2rgHTs=";
allowedIPs = [ "${config.my.ips.wg-phone}/32" ];
}
]; ];
}; };
}; };