aboutsummaryrefslogtreecommitdiff
path: root/infra/libkookie/configuration/server/wireguard/hyperion.nix
diff options
context:
space:
mode:
Diffstat (limited to 'infra/libkookie/configuration/server/wireguard/hyperion.nix')
-rw-r--r--infra/libkookie/configuration/server/wireguard/hyperion.nix27
1 files changed, 27 insertions, 0 deletions
diff --git a/infra/libkookie/configuration/server/wireguard/hyperion.nix b/infra/libkookie/configuration/server/wireguard/hyperion.nix
new file mode 100644
index 000000000000..2a20f6ee5533
--- /dev/null
+++ b/infra/libkookie/configuration/server/wireguard/hyperion.nix
@@ -0,0 +1,27 @@
+{ config, ... }:
+
+let listenPort = 51820;
+in
+{
+ networking.firewall.allowedTCPPorts = [ listenPort ];
+
+ networking.wireguard.interfaces."intranet" = {
+ ips = [ "10.13.12.1" ];
+ inherit listenPort;
+ privateKeyFile = "/var/lib/wireguard/keys/private";
+
+ peers = [
+ { publicKey = "NHMpnZW6h/MwxWcjztpwH5NN44jS9lB1b5T5jby1i1A=";
+ allowedIPs = [ "10.13.12.2/32" ]; }
+ { publicKey = "U/EmC6uMGqrLOd+lqfquDcUShPHgoulN35Dan6RAqyU=";
+ allowedIPs = [ "10.13.12.3/32" ]; }
+ { publicKey = "yh8gU4otkndmSsVBuaPMxxFHem45FE3POvSAWi8LEik=";
+ allowedIPs = [ "10.13.12.4/32" ]; }
+ { publicKey = "cPvj0SPITg1twz3DprtQgehJDOAhOL/hnXlB5ZS6Fi4=";
+ endpoint = "85.119.82.108:51820";
+ allowedIPs = [ "10.172.171.0/24" ]; }
+ # { publicKey = "oQZ3fcb9LsnQj8sDYLHf1+hodnW4XEhsM0rNBgHROz8=";
+ # allowedIPs = [ "10.172.171.2/32" ]; }
+ ];
+ };
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 23:42:39 +0000