diff options
| -rw-r--r-- | machines/taupe/default.nix | 23 | ||||
| -rw-r--r-- | machines/taureau/default.nix | 23 | ||||
| -rw-r--r-- | machines/truite/default.nix | 23 | ||||
| -rw-r--r-- | modules/vpn.nix | 31 |
4 files changed, 37 insertions, 63 deletions
diff --git a/machines/taupe/default.nix b/machines/taupe/default.nix index ef3fc6a..4f60eab 100644 --- a/machines/taupe/default.nix +++ b/machines/taupe/default.nix @@ -3,6 +3,7 @@ { imports = [ ../../modules/common.nix + ../../modules/vpn.nix ./hardware.nix ./devices.nix @@ -23,27 +24,7 @@ ]; }; - wireguard.server = { - enable = true; - externalInterface = "enp1s0"; - - peers = { - mel = { - key = "vnZoHXapCLLUhZ8A8R5W0iJ8LpWVLve29z41kkoT0BU="; - ip = 2; - }; - - andrei = { - key = "qqU4uYImLfUohIwl4KBshPtTINFcs0JVALjbmwpfxRg="; - ip = 3; - }; - - sergo = { - key = "qbZGMNIDZFCJC6SHtlyNIlIdGWHELceXClJCcagrj2Y="; - ip = 4; - }; - }; - }; + wireguard.server.externalInterface = "enp1s0"; }; system.stateVersion = "25.05"; diff --git a/machines/taureau/default.nix b/machines/taureau/default.nix index ae64740..38172cf 100644 --- a/machines/taureau/default.nix +++ b/machines/taureau/default.nix @@ -3,6 +3,7 @@ { imports = [ ../../modules/common.nix + ../../modules/vpn.nix ./hardware.nix ./devices.nix @@ -24,27 +25,7 @@ ]; }; - wireguard.server = { - enable = true; - externalInterface = "enp6s16"; - - peers = { - mel = { - key = "vnZoHXapCLLUhZ8A8R5W0iJ8LpWVLve29z41kkoT0BU="; - ip = 2; - }; - - andrei = { - key = "qqU4uYImLfUohIwl4KBshPtTINFcs0JVALjbmwpfxRg="; - ip = 3; - }; - - sergo = { - key = "qbZGMNIDZFCJC6SHtlyNIlIdGWHELceXClJCcagrj2Y="; - ip = 4; - }; - }; - }; + wireguard.server.externalInterface = "enp6s16"; }; system.stateVersion = "25.05"; diff --git a/machines/truite/default.nix b/machines/truite/default.nix index 9670da2..f8dbaaa 100644 --- a/machines/truite/default.nix +++ b/machines/truite/default.nix @@ -3,6 +3,7 @@ { imports = [ ../../modules/common.nix + ../../modules/vpn.nix ./hardware.nix ./devices.nix @@ -24,27 +25,7 @@ ]; }; - wireguard.server = { - enable = true; - externalInterface = "eth0"; - - peers = { - mel = { - key = "vnZoHXapCLLUhZ8A8R5W0iJ8LpWVLve29z41kkoT0BU="; - ip = 2; - }; - - andrei = { - key = "qqU4uYImLfUohIwl4KBshPtTINFcs0JVALjbmwpfxRg="; - ip = 3; - }; - - sergo = { - key = "qbZGMNIDZFCJC6SHtlyNIlIdGWHELceXClJCcagrj2Y="; - ip = 4; - }; - }; - }; + wireguard.server.externalInterface = "eth0"; }; system.stateVersion = "25.05"; diff --git a/modules/vpn.nix b/modules/vpn.nix new file mode 100644 index 0000000..6772c2a --- /dev/null +++ b/modules/vpn.nix @@ -0,0 +1,31 @@ +{ ... }: + +{ + # these are the common peers that will want to access our hosts + # that run the vpn in different parts of the world. + foundation = { + wireguard.server = { + enable = true; + # has to be set by the individual server running the vpn: + # like, for example: + # externalInterface = "eth0"; + + peers = { + mel = { + key = "vnZoHXapCLLUhZ8A8R5W0iJ8LpWVLve29z41kkoT0BU="; + ip = 2; + }; + + andrei = { + key = "qqU4uYImLfUohIwl4KBshPtTINFcs0JVALjbmwpfxRg="; + ip = 3; + }; + + sergo = { + key = "qbZGMNIDZFCJC6SHtlyNIlIdGWHELceXClJCcagrj2Y="; + ip = 4; + }; + }; + }; + }; +} |