Jafner.net/dotfiles/modules/wireguard.nix

{ wireguard, sys, ... }: {
  networking.firewall.allowedUDPPorts = [ 51820 ];
  networking.wireguard = {
    enable = true;
    interfaces = {
      wg0 = {
        ips = [ "192.168.100.1/24" ];
        listenPort = 51820;
        privateKeyFile = "/run/secrets/wireguard";
      };
    };
  };
  sops.secrets."wireguard" = { 
    sopsFile = wireguard.secretsFile;
    format = "binary";
    key = "";
    mode = "0440";
    owner = sys.username;
  };
}

# j+rBgqdGz5PKvowDJrYkP2JRqFUCQnlFPQgwjAH+4zo= # pubkey for desktop
Feature (WIP): Init wireguard module. 2025-02-19 15:08:11 -08:00			`{ wireguard, sys, ... }: {`
			`networking.firewall.allowedUDPPorts = [ 51820 ];`
			`networking.wireguard = {`
			`enable = true;`
			`interfaces = {`
			`wg0 = {`
			`ips = [ "192.168.100.1/24" ];`
			`listenPort = 51820;`
			`privateKeyFile = "/run/secrets/wireguard";`
			`};`
			`};`
			`};`
			`sops.secrets."wireguard" = {`
			`sopsFile = wireguard.secretsFile;`
			`format = "binary";`
			`key = "";`
			`mode = "0440";`
			`owner = sys.username;`
			`};`
			`}`

			`# j+rBgqdGz5PKvowDJrYkP2JRqFUCQnlFPQgwjAH+4zo= # pubkey for desktop`