From 67d7b6669f3353e91ea94afcb06b6b0d3806f264 Mon Sep 17 00:00:00 2001
From: nyanloutre
Date: Wed, 13 Nov 2024 14:44:13 +0100
Subject: [PATCH 1/2] setup wireguard interface
---
 systems/LoutreOS/configuration.nix | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/systems/LoutreOS/configuration.nix b/systems/LoutreOS/configuration.nix
index 899802e..977bc58 100644
--- a/systems/LoutreOS/configuration.nix
+++ b/systems/LoutreOS/configuration.nix
@@ -142,16 +142,20 @@
 netdevConfig = {
 Kind = "wireguard";
 Name = "wg0";
+ MTUBytes = "1450";
 };
 wireguardConfig = {
 PrivateKeyFile = "/run/keys/wireguard-privkey";
- ListenPort = 9918;
+ #ListenPort = 9918;
 };
 wireguardPeers = [
 {
- PublicKey = "OhApdFoOYnKesRVpnYRqwk3pdM247j8PPVH5K7aIKX0=";
- AllowedIPs = ["fc00::1/64" "10.100.0.1"];
- Endpoint = "{set this to the server ip}:51820";
+ wireguardPeerConfig = {
+ PublicKey = "t3+JkBfXI1uw8fa9P6JfxXJfTPm9cOHcgIN215UHg2g=";
+ AllowedIPs = ["0.0.0.0/0" "::/0"];
+ Endpoint = "89.234.141.83";
+ PersistentKeepalive = 15;
+ };
 }
 ];
 };
@@ -176,9 +180,8 @@
 "10-wg0" = {
 matchConfig.Name = "wg0";
 address = [
- "fe80::3/64"
- "fc00::3/120"
- "10.100.0.2/24"
+ "89.234.141.196/32"
+ "2a00:5881:8119:400::1/128"
 ];
 };
 "40-eno2" = {
From e8e4c4b3115c080b527c1c85e27b25ac2c615727 Mon Sep 17 00:00:00 2001
From: nyanloutre
Date: Wed, 20 Nov 2024 09:15:56 +0100
Subject: [PATCH 2/2] wireguard partial setup
---
 systems/LoutreOS/configuration.nix | 41 ++++++++++++++++++++++++++++--
 1 file changed, 39 insertions(+), 2 deletions(-)
diff --git a/systems/LoutreOS/configuration.nix b/systems/LoutreOS/configuration.nix
index 977bc58..616c927 100644
--- a/systems/LoutreOS/configuration.nix
+++ b/systems/LoutreOS/configuration.nix
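Review bot: In patch 1/2, the new `wireguardPeerConfig` block widens `AllowedIPs` to `0.0.0.0/0` and `::/0` without a comment, so this peer is now accepted as the source for every inner address instead of the two addresses listed before. If this is meant as a full tunnel through a provider gateway, say so next to the line, e.g. `# full tunnel: every inner source address is accepted from this peer; filtering is left to the host firewall on wg0`. The leftover `#ListenPort = 9918;` would read better deleted, or replaced by `# no ListenPort: outbound-only, let the kernel pick a port`. The enclosing netdev block starts outside the hunk.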
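Review bot: In patch 1/2, the addresses added to `10-wg0` (`89.234.141.196/32` and `2a00:5881:8119:400::1/128`) appear to be publicly routable, so together with the catch-all `AllowedIPs` any service bound to all interfaces on this host would presumably be reachable from outside through the tunnel. The firewall configuration is not part of this hunk, so it is worth confirming that `wg0` is not listed in `networking.firewall.trustedInterfaces` and that only the intended ports are opened for it, e.g. through `networking.firewall.interfaces.wg0.allowedTCPPorts`. A one-line comment above `address` saying that these are the externally reachable tunnel addresses would help the next reader. The set that contains `10-wg0` starts and ends outside the hunk.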
@@ -146,14 +146,15 @@
 };
 wireguardConfig = {
 PrivateKeyFile = "/run/keys/wireguard-privkey";
- #ListenPort = 9918;
+ FirewallMark = 51820;
 };
 wireguardPeers = [
 {
 wireguardPeerConfig = {
+ Endpoint = "89.234.141.83:8095";
 PublicKey = "t3+JkBfXI1uw8fa9P6JfxXJfTPm9cOHcgIN215UHg2g=";
+ PresharedKeyFile = "/run/keys/wireguard-psk.key";
 AllowedIPs = ["0.0.0.0/0" "::/0"];
- Endpoint = "89.234.141.83";
 PersistentKeepalive = 15;
 };
 }
@@ -183,6 +184,42 @@
 "89.234.141.196/32"
 "2a00:5881:8119:400::1/128"
 ];
+ # routingPolicyRules = [
+ # {
+ # routingPolicyRuleConfig = {
+ # FirewallMark = "51820";
+ # InvertRule = true;
+ # Table = "51820";
+ # Priority = "10";
+ # };
+ # }
+ # {
+ # routingPolicyRuleConfig = {
+ # To = "10.0.0.0/8";
+ # Priority = "9";
+ # };
+ # }
+ # {
+ # routingPolicyRuleConfig = {
+ # To = "192.168.0.0/16";
+ # Priority = "9";
+ # };
+ # }
+ # {
+ # routingPolicyRuleConfig = {
+ # To = "89.234.141.83/32";
+ # Priority = "5";
+ # };
+ # }
+ # ];
+ # routes = [
+ # {
+ # routeConfig = {
+ # Destination = "0.0.0.0/0";
+ # Table = 51820;
+ # };
+ # }
+ # ];
 };
 "40-eno2" = {
 networkConfig = {
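Review bot: `PresharedKeyFile` and `PrivateKeyFile` both point into `/run/keys`, but nothing on the visible lines shows how those files are provisioned or who may read them. systemd-networkd reads them as the `systemd-network` user, so they have to be readable by that user and by no other unprivileged account (the systemd documentation suggests `root:systemd-network` with mode `0640`); on NixOS the `/run/keys` directory itself is usually restricted to the `keys` group, which is worth checking too. A comment on these lines such as `# key files: root:systemd-network 0640, provisioned out of band, never in the Nix store` would record the requirement. `FirewallMark = 51820` has no visible consumer yet, because the policy rule that matches it is commented out in the next hunk.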
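Review bot: The `routingPolicyRules` and `routes` blocks under `10-wg0` are added entirely commented out, so from the visible lines nothing routes traffic into `wg0` even though the peer has `AllowedIPs = ["0.0.0.0/0" "::/0"]`; if the tunnel is meant to carry all traffic, that traffic presumably still leaves through the default route. Rather than committing 36 lines of disabled config, either enable them or replace them with a short marker such as `# TODO: policy routing for wg0 (fwmark 51820, table 51820) not enabled yet`. When the block is enabled, `routes` only has `Destination = "0.0.0.0/0"`, so IPv6 would need a matching `Destination = "::/0"; Table = 51820;` entry, and the local exemptions cover `10.0.0.0/8` and `192.168.0.0/16` but not `172.16.0.0/12`. `Table` and `FirewallMark` are written as strings in the rules and as integers elsewhere, so one form should be used throughout.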