From b972c811e34796dd5ee350246e9170bee8ca304d Mon Sep 17 00:00:00 2001
From: "quentin@aristote.fr" <quentin@aristote.fr>
Date: Sun, 8 Dec 2024 22:53:47 +0100
Subject: connect to hermes through wireguard

---
 config/networking.nix | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'config/networking.nix')

diff --git a/config/networking.nix b/config/networking.nix
index 4de42c9..f48927b 100644
--- a/config/networking.nix
+++ b/config/networking.nix
@@ -17,5 +17,23 @@
         pskRaw = "ext:psk";
       };
     };
+
+    firewall.allowedUDPPorts = [51820];
+    wireguard = {
+      enable = true;
+      interfaces.talaria = {
+        ips = ["10.13.42.2/24"];
+        listenPort = 51820;
+        privateKeyFile = "/etc/wireguard/talaria.key";
+        peers = [
+          {
+            publicKey = "qgDFtt7qlKXW81bKpGHg793OXKPM4Hfjg9ntQrANXio=";
+            allowedIPs = ["10.13.42.1"];
+            endpoint = "hermes.aristote.fr:51820";
+            persistentKeepalive = 25;
+          }
+        ];
+      };
+    };
   };
 }
-- 
cgit v1.2.3