set Wireguard keys with credentials

nyanloutre 2024-11-25 17:26:38 +01:00
parent 4d8c76e207
commit 8ad48e5aa4


@ -107,6 +107,13 @@
};
};
systemd.services.systemd-networkd.serviceConfig = {
LoadCredential = [
"network.wireguard.private.wg0:/mnt/secrets/wireguard/wireguard.private"
"network.wireguard.preshared.wg0:/mnt/secrets/wireguard/wireguard.preshared"
];
};
#################
# ROUTING RULES #
#################
@ -139,7 +146,9 @@
MTUBytes = "1450";
};
wireguardConfig = {
PrivateKeyFile = "/run/keys/wireguard-privkey";
PrivateKeyFile = "/run/credentials/systemd-networkd.service/network.wireguard.private.wg0";
# Wait for 24.11
# PrivateKey = "@network.wireguard.private.wg0";
RouteTable = 3;
};
wireguardPeers = [
@ -147,7 +156,9 @@
wireguardPeerConfig = {
Endpoint = "89.234.141.83:8095";
PublicKey = "t3+JkBfXI1uw8fa9P6JfxXJfTPm9cOHcgIN215UHg2g=";
PresharedKeyFile = "/run/keys/wireguard-psk.key";
PresharedKeyFile = "/run/credentials/systemd-networkd.service/network.wireguard.preshared.wg0";
# Wait for 24.11
# PresharedKey = "@network.wireguard.preshared.wg0";
AllowedIPs = ["0.0.0.0/0" "::/0"];
PersistentKeepalive = 15;
};
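Review bot: The new `LoadCredential` entries in the first hunk make the start of systemd-networkd depend on the files under `/mnt/secrets/wireguard/` existing at that moment, and nothing visible here orders the unit after that path is available. If `/mnt/secrets` is a separate mount (the path suggests so, but the hunks do not show it), a missing source file would presumably fail credential setup and take down all of networkd rather than only wg0; consider adding `systemd.services.systemd-networkd.unitConfig.RequiresMountsFor = "/mnt/secrets";` next to the `serviceConfig` block. Because the service manager reads the source files itself, they can stay owned by root with mode 0400 and need not be readable by the networkd user. The `# Wait for 24.11` comments in the second and third hunks would be clearer as `# TODO(NixOS 24.11): use PrivateKey = "@network.wireguard.private.wg0" and drop the hard-coded /run/credentials path`, with the matching wording for the preshared key. The enclosing attribute sets (`wireguardConfig`, `wireguardPeerConfig`) start outside the visible hunks.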