hosts/oignon/wireguard.nix

   1 { pkgs, lib, config, ... }:
   2 {
   3 networking.wireguard.wg-intra.peers.mermet.enable = true;
   4 networking.wireguard.wg-intra.peers.losurdo.enable = true;
   5 networking.wireguard.wg-intra.peers.patate.enable = true;
   6 networking.hosts."192.168.42.2" = [
   7   "sourcephile.wg"
   8   "builds.sourcephile.wg"
   9   "dispatch.sourcephile.wg"
  10   "git.sourcephile.wg"
  11   "hg.sourcephile.wg"
  12   "hub.sourcephile.wg"
  13   "lists.sourcephile.wg"
  14   "man.sourcephile.wg"
  15   "meta.sourcephile.wg"
  16   "pages.sourcephile.wg"
  17   "paste.sourcephile.wg"
  18   "todo.sourcephile.wg"
  19 ];
  20 /*
  21 systemd.services =
  22   {
  23     openssh = {
  24       after = ["wireguard-${iface}.service"];
  25       serviceConfig.Restart = "on-failure";
  26     };
  27   };
  28 services.openssh.listenAddresses = map (ip: {addr=lib.removeSuffix "/32" ip;}) peer.allowedIPs;
  29 */
  30 }