created p2p wireguard interface for defiant

2025-04-01 16:22:44 -05:00 · 2025-04-01 16:22:44 -05:00 · 899617266f
parent 2f6e566acc
commit 899617266f
1 changed files with 21 additions and 0 deletions
--- a/configurations/nixos/defiant/configuration.nix
+++ b/configurations/nixos/defiant/configuration.nix
@ -9,6 +9,9 @@
    "vpn-keys/tailscale-authkey/defiant" = {
      sopsFile = "${inputs.secrets}/vpn-keys.yaml";
    };
+    "vpn-keys/proton-wireguard/defiant-p2p" = {
+      sopsFile = "${inputs.secrets}/vpn-keys.yaml";
+    };
    "services/zfs_smtp_token" = {
      sopsFile = "${inputs.secrets}/defiant-services.yaml";
    };
@ -101,6 +104,24 @@
  };
  networking = {
    hostId = "c51763d6";
+
+    wireguard.interfaces = {
+      p2p = {
+        ips = ["10.2.0.2/32"];
+        listenPort = 51820;
+
+        privateKeyFile = config.sops.secrets."vpn-keys/proton-wireguard/defiant-p2p".path;
+
+        peers = [
+          {
+            publicKey = "rRO6yJim++Ezz6scCLMaizI+taDjU1pzR2nfW6qKbW0=";
+            allowedIPs = ["0.0.0.0/0"];
+            endpoint = "185.230.126.146:51820";
+            persistentKeepalive = 25;
+          }
+        ];
+      };
+    };
  };

  services = {