hosts/oignon/wireguard.nix

   1 { pkgs, lib, config, hostName, private, ... }:
   2 {
   3 networking.wireguard.wg-intra.peers.mermet.enable = true;
   4 networking.wireguard.wg-intra.peers.losurdo.enable = true;
   5 networking.hosts."192.168.42.2" = [
   6   "sourcephile.wg"
   7   "builds.sourcephile.wg"
   8   "dispatch.sourcephile.wg"
   9   "git.sourcephile.wg"
  10   "hg.sourcephile.wg"
  11   "hub.sourcephile.wg"
  12   "lists.sourcephile.wg"
  13   "man.sourcephile.wg"
  14   "meta.sourcephile.wg"
  15   "pages.sourcephile.wg"
  16   "paste.sourcephile.wg"
  17   "todo.sourcephile.wg"
  18 ];
  19 /*
  20 systemd.services =
  21   {
  22     openssh = {
  23       after = ["wireguard-${iface}.service"];
  24       serviceConfig.Restart = "on-failure";
  25     };
  26   };
  27 services.openssh.listenAddresses = map (ip: {addr=lib.removeSuffix "/32" ip;}) peer.allowedIPs;
  28 */
  29 }