{ config, ... }: let listenPort = 51820; in { networking.firewall.allowedTCPPorts = [ listenPort ]; networking.wireguard.interfaces."intranet" = { ips = [ "10.13.12.1" ]; inherit listenPort; privateKeyFile = "/var/lib/wireguard/keys/private"; peers = [ { publicKey = "NHMpnZW6h/MwxWcjztpwH5NN44jS9lB1b5T5jby1i1A="; allowedIPs = [ "10.13.12.2/32" ]; } { publicKey = "U/EmC6uMGqrLOd+lqfquDcUShPHgoulN35Dan6RAqyU="; allowedIPs = [ "10.13.12.3/32" ]; } { publicKey = "yh8gU4otkndmSsVBuaPMxxFHem45FE3POvSAWi8LEik="; allowedIPs = [ "10.13.12.4/32" ]; } { publicKey = "cPvj0SPITg1twz3DprtQgehJDOAhOL/hnXlB5ZS6Fi4="; endpoint = "85.119.82.108:51820"; allowedIPs = [ "10.172.171.0/24" ]; } # { publicKey = "oQZ3fcb9LsnQj8sDYLHf1+hodnW4XEhsM0rNBgHROz8="; # allowedIPs = [ "10.172.171.2/32" ]; } ]; }; }