kasdkasdkasdk

hosts/nord/default.nix

@@ -47,6 +47,9 @@
 
   networking.firewall.allowedTCPPorts = [ 57621 ]; # spotify local discovery
 
+  networking.wireguard.interfaces."wg0".ips = [ "172.22.48.4/24" ];
+
+
   # Networking
   networking.networkmanager.enable = true;
   #networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.

hosts/noximilien/default.nix

@@ -99,6 +99,8 @@
 
   networking.hostId = "e1ffd469"; # needed for zfs: head -c 8 /etc/machine-id
 
+  networking.wireguard.interfaces."wg0".ips = [ "172.22.48.3/24" ];
+
   # TODO: remove? Move to where relevant?
   nixpkgs.overlays = [
     /** /

profiles/mounts/fridge-nfs.nix

@@ -8,7 +8,7 @@
   # https://nixos.wiki/wiki/WireGuard
   networking.firewall.allowedUDPPorts = [ config.networking.wireguard.interfaces."wg0".listenPort ];
   networking.wireguard.interfaces."wg0" = {
-    ips = [ "172.22.48.3/24" ];
+    #ips = [ "172.22.48.3/24" ]; # set per host!
     listenPort = 51820; # (random is default)
     generatePrivateKeyFile = true;
     privateKeyFile = "/var/lib/wg/wireguard_key";
@@ -16,10 +16,11 @@
     peers = [
       {
         # get your pubkey to give to fyrkat with `wg pubkey </var/lib/wg/wireguard_key`
-        publicKey = "AbXutGF+GZ/3o3iyHJNQEuSEFpGbfnUb9gMfUHggkVM=";
         endpoint = "fridge.fyrkat.no:51820";
+        publicKey = "AbXutGF+GZ/3o3iyHJNQEuSEFpGbfnUb9gMfUHggkVM=";
 
         # Forward all the traffic via VPN.
+        # (ips you're allow to claim?)
         allowedIPs = [
           "172.22.48.0/24" # fyrkat wg subnet
           "10.48.0.0/16" # fyrkat subnet