From 858dbaa2dbb39fe49d75932203c67c8781c941f2 Mon Sep 17 00:00:00 2001
From: Adithya Nair <adtya@adtya.xyz>
Date: Wed, 11 Oct 2023 12:10:06 +0530
Subject: [PATCH] setup wireguard stuff on rico1

---
 hosts/rico1/wireguard.nix | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 hosts/rico1/wireguard.nix

diff --git a/hosts/rico1/wireguard.nix b/hosts/rico1/wireguard.nix
new file mode 100644
index 0000000..2ed8f9c
--- /dev/null
+++ b/hosts/rico1/wireguard.nix
@@ -0,0 +1,22 @@
+{
+  config,
+  secrets,
+  ...
+}: let
+  inherit (secrets.wireguard_config) peers;
+in {
+  networking.firewall.trustedInterfaces = ["wg0"];
+  networking.wireguard = {
+    enable = true;
+    interfaces = {
+      wg0 = {
+        inherit (peers."${config.networking.hostName}") ips listenPort;
+        privateKeyFile = "/etc/wireguard/private.key";
+        generatePrivateKeyFile = true;
+        peers = with peers; [
+          Proxy.peer
+        ];
+      };
+    };
+  };
+}