Set up wireguard.

2024-12-27 15:44:00 -05:00 · 2024-12-27 15:44:00 -05:00 · 0b31b91c69
commit 0b31b91c69
parent 2ef181cfab
3 changed files with 28 additions and 1 deletions
--- a/nix/configuration/configuration.nix
+++ b/nix/configuration/configuration.nix
@ -35,6 +35,7 @@
    ./roles/gpg
    ./roles/waybar
    ./roles/qemu
+    ./roles/wireguard
  ];

  nix.settings.experimental-features = [
--- a/nix/configuration/network.nix
+++ b/nix/configuration/network.nix
@ -16,7 +16,7 @@
  ];
  services.resolved = {
    enable = true;
-    dnssec = "true";
+    # dnssec = "true";
    domains = [ "~." ];
    fallbackDns = [ ];
    dnsovertls = "true";
--- a/nix/configuration/roles/wireguard/default.nix
+++ b/nix/configuration/roles/wireguard/default.nix
@ -0,0 +1,26 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+
+{
+  imports = [ ];
+
+  networking.firewall.allowedUDPPorts = [ 51821 ];
+  networking.wireguard.enable = true;
+  networking.wg-quick.interfaces.wg0.configFile = "/persist/manual/wireguard/drmario.conf";
+  systemd.services."wg-quick-wg0".after = [
+    "nss-lookup.target"
+    "systemd-resolved.service"
+    "multi-user.target"
+  ];
+
+  systemd.services."wg-quick-wg0".preStart = "${pkgs.toybox}/bin/sleep 10";
+
+  # environment.systemPackages = with pkgs; [
+  #   wireguard-tools
+  # ];
+
+}