From e98704caa0ac922e824f2dbc71c5cdb39dad3f97 Mon Sep 17 00:00:00 2001
From: fleaz <mail@felixbreidenstein.de>
Date: Thu, 15 Dec 2022 14:29:31 +0100
Subject: [PATCH] cray: Add wireguard backbone

---
 machines/cray/configuration.nix | 42 ++++++++++++++++++++++++++++++++-
 1 file changed, 41 insertions(+), 1 deletion(-)

diff --git a/machines/cray/configuration.nix b/machines/cray/configuration.nix
index 6ee78d9..a6ab9a5 100644
--- a/machines/cray/configuration.nix
+++ b/machines/cray/configuration.nix
@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ pkgs, config, ... }:
 {
   imports = [
     # Include the results of the hardware scan.
@@ -12,11 +12,51 @@
 
   time.hardwareClockInLocalTime = true; #Be compatible with Windows Dualboot
 
+  networking.useNetworkd = true;
   networking.useDHCP = false;
   networking.hostName = "cray"; # Define your hostname.
   networking.interfaces.enp4s0.useDHCP = true;
   networking.interfaces.enp4s0.wakeOnLan.enable = true;
 
+  #boot.extraModulePackages = [ config.boot.kernelPackages.wireguard ];
+  systemd.network = {
+    enable = true;
+    netdevs = {
+      "10-wg-backbone" = {
+        netdevConfig = {
+          Kind = "wireguard";
+          MTUBytes = "1300";
+          Name = "wg-backbone";
+        };
+        extraConfig = ''
+          [WireGuard]
+          PrivateKeyFile=/etc/secrets/wireguard
+          ListenPort=9918
+
+          [WireGuardPeer]
+          PublicKey=JjJrLv6ocRIgPGPz6TUexPj0eUSKPDEQFye4397nbwM=
+          AllowedIPs=192.168.8.0/24
+          Endpoint=marge.fleaz.me:50200
+        '';
+      };
+    };
+    networks = {
+      # See also man systemd.network
+      "40-wg0".extraConfig = ''
+        [Match]
+        Name=wg-backbone
+
+        [Network]
+        DHCP=no
+        IPv6AcceptRA=false
+
+        # IP addresses the client interface will have
+        [Address]
+        Address=192.168.8.13/24
+      '';
+    };
+  };
+
   # Enable CUPS
   services.printing.enable = true;
   services.printing.drivers = with pkgs; [ splix ];