nixos-config/machines/cray/tunnel-backbone.nix

{
  systemd.network = {
    enable = true;
    netdevs = {
      "10-wg-backbone" = {
        netdevConfig = {
          Kind = "wireguard";
          MTUBytes = "1300";
          Name = "wg-backbone";
        };
        extraConfig = ''
          [WireGuard]
          PrivateKeyFile=/etc/secrets/wireguard-backbone
          ListenPort=9918

          [WireGuardPeer]
          PublicKey=JjJrLv6ocRIgPGPz6TUexPj0eUSKPDEQFye4397nbwM=
          AllowedIPs=192.168.8.0/24
          Endpoint=marge.fleaz.me:50200
        '';
      };
    };
    networks = {
      # See also man systemd.network
      "40-wg0-backbone".extraConfig = ''
        [Match]
        Name=wg-backbone

        [Network]
        DHCP=no
        IPv6AcceptRA=false

        # IP addresses the client interface will have
        [Address]
        Address=192.168.8.13/24
      '';
    };
  };

}
cray: Update vpn config 2024-02-03 21:47:03 +00:00			`{`
			`systemd.network = {`
			`enable = true;`
			`netdevs = {`
			`"10-wg-backbone" = {`
			`netdevConfig = {`
			`Kind = "wireguard";`
			`MTUBytes = "1300";`
			`Name = "wg-backbone";`
			`};`
			`extraConfig = ''`
			`[WireGuard]`
			`PrivateKeyFile=/etc/secrets/wireguard-backbone`
			`ListenPort=9918`

			`[WireGuardPeer]`
			`PublicKey=JjJrLv6ocRIgPGPz6TUexPj0eUSKPDEQFye4397nbwM=`
			`AllowedIPs=192.168.8.0/24`
			`Endpoint=marge.fleaz.me:50200`
			`'';`
			`};`
			`};`
			`networks = {`
			`# See also man systemd.network`
			`"40-wg0-backbone".extraConfig = ''`
			`[Match]`
			`Name=wg-backbone`

			`[Network]`
			`DHCP=no`
			`IPv6AcceptRA=false`

			`# IP addresses the client interface will have`
			`[Address]`
			`Address=192.168.8.13/24`
			`'';`
			`};`
			`};`

			`}`