connect to hermes through wireguard

author: quentin@aristote.fr <quentin@aristote.fr> 2024-12-08 22:53:47 +0100
committer: quentin@aristote.fr <quentin@aristote.fr> 2024-12-08 23:11:30 +0100
commit: b972c811e34796dd5ee350246e9170bee8ca304d (patch)
tree: 6bbba31f513ca3d3300b54975beca7e37d0f35d6 /config/networking.nix
parent: a27682d42fc4d1cfbc0a4818363c174a5dbb2037 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/config/networking.nix b/config/networking.nix
index 4de42c9..f48927b 100644
--- a/config/networking.nix
+++ b/config/networking.nix
@@ -17,5 +17,23 @@
         pskRaw = "ext:psk";
       };
     };
+
+    firewall.allowedUDPPorts = [51820];
+    wireguard = {
+      enable = true;
+      interfaces.talaria = {
+        ips = ["10.13.42.2/24"];
+        listenPort = 51820;
+        privateKeyFile = "/etc/wireguard/talaria.key";
+        peers = [
+          {
+            publicKey = "qgDFtt7qlKXW81bKpGHg793OXKPM4Hfjg9ntQrANXio=";
+            allowedIPs = ["10.13.42.1"];
+            endpoint = "hermes.aristote.fr:51820";
+            persistentKeepalive = 25;
+          }
+        ];
+      };
+    };
   };
 }
author	quentin@aristote.fr <quentin@aristote.fr>	2024-12-08 22:53:47 +0100
committer	quentin@aristote.fr <quentin@aristote.fr>	2024-12-08 23:11:30 +0100
commit	b972c811e34796dd5ee350246e9170bee8ca304d (patch)
tree	6bbba31f513ca3d3300b54975beca7e37d0f35d6 /config/networking.nix
parent	a27682d42fc4d1cfbc0a4818363c174a5dbb2037 (diff)