nyanloutre/nixos-config
1
1
Fork 1
Code Issues Pull Requests Releases Wiki Activity

set Wireguard keys with credentials

Browse Source
This commit is contained in:
nyanloutre 2024-11-25 17:26:38 +01:00
parent 4d8c76e207
commit 8ad48e5aa4
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
systems/LoutreOS/network.nix
View File

@ -107,6 +107,13 @@
}; };
}; };
systemd.services.systemd-networkd.serviceConfig = {
LoadCredential = [
"network.wireguard.private.wg0:/mnt/secrets/wireguard/wireguard.private"
"network.wireguard.preshared.wg0:/mnt/secrets/wireguard/wireguard.preshared"
];
};
################# #################
# ROUTING RULES # # ROUTING RULES #
################# #################
@ -139,7 +146,9 @@
MTUBytes = "1450"; MTUBytes = "1450";
}; };
wireguardConfig = { wireguardConfig = {
PrivateKeyFile = "/run/keys/wireguard-privkey"; PrivateKeyFile = "/run/credentials/systemd-networkd.service/network.wireguard.private.wg0";
# Wait for 24.11
# PrivateKey = "@network.wireguard.private.wg0";
RouteTable = 3; RouteTable = 3;
}; };
wireguardPeers = [ wireguardPeers = [
@ -147,7 +156,9 @@
wireguardPeerConfig = { wireguardPeerConfig = {
Endpoint = "89.234.141.83:8095"; Endpoint = "89.234.141.83:8095";
PublicKey = "t3+JkBfXI1uw8fa9P6JfxXJfTPm9cOHcgIN215UHg2g="; PublicKey = "t3+JkBfXI1uw8fa9P6JfxXJfTPm9cOHcgIN215UHg2g=";
PresharedKeyFile = "/run/keys/wireguard-psk.key"; PresharedKeyFile = "/run/credentials/systemd-networkd.service/network.wireguard.preshared.wg0";
# Wait for 24.11
# PresharedKey = "@network.wireguard.preshared.wg0";
AllowedIPs = ["0.0.0.0/0" "::/0"]; AllowedIPs = ["0.0.0.0/0" "::/0"];
PersistentKeepalive = 15; PersistentKeepalive = 15;
}; };