Factor out common public VPN peers to own module

Signed-off-by: Mel <mel@rnrd.eu>
author: Mel <mel@rnrd.eu> 2025-10-04 00:11:22 +0200
committer: Mel <mel@rnrd.eu> 2025-10-04 00:11:22 +0200
commit: b637a518646ae2147403f01bd9ee250381bd8de0 (patch)
tree: 7226dcca6a69198c43d303f6876a75775a87bed0 /modules/vpn.nix
parent: 46f5b502625402b130a23b3f25d6c4395c154806 (diff)
download: network-b637a518646ae2147403f01bd9ee250381bd8de0.tar.zst
network-b637a518646ae2147403f01bd9ee250381bd8de0.zip
1 files changed, 31 insertions, 0 deletions
diff --git a/modules/vpn.nix b/modules/vpn.nix
new file mode 100644
index 0000000..6772c2a
--- /dev/null
+++ b/modules/vpn.nix
@@ -0,0 +1,31 @@
+{ ... }:
+
+{
+  # these are the common peers that will want to access our hosts
+  # that run the vpn in different parts of the world.
+  foundation = {
+    wireguard.server = {
+      enable = true;
+      # has to be set by the individual server running the vpn:
+      # like, for example:
+      # externalInterface = "eth0";
+
+      peers = {
+        mel = {
+          key = "vnZoHXapCLLUhZ8A8R5W0iJ8LpWVLve29z41kkoT0BU=";
+          ip = 2;
+        };
+
+        andrei = {
+          key = "qqU4uYImLfUohIwl4KBshPtTINFcs0JVALjbmwpfxRg=";
+          ip = 3;
+        };
+
+        sergo = {
+          key = "qbZGMNIDZFCJC6SHtlyNIlIdGWHELceXClJCcagrj2Y=";
+          ip = 4;
+        };
+      };
+    };
+  };
+}
author	Mel <mel@rnrd.eu>	2025-10-04 00:11:22 +0200
committer	Mel <mel@rnrd.eu>	2025-10-04 00:11:22 +0200
commit	b637a518646ae2147403f01bd9ee250381bd8de0 (patch)
tree	7226dcca6a69198c43d303f6876a75775a87bed0 /modules/vpn.nix
parent	46f5b502625402b130a23b3f25d6c4395c154806 (diff)
download	network-b637a518646ae2147403f01bd9ee250381bd8de0.tar.zst network-b637a518646ae2147403f01bd9ee250381bd8de0.zip