From e0d60d3e70aa54fc52c2bbe61d2c2c0544c6088b Mon Sep 17 00:00:00 2001
From: stubbfel <git@stubbe.rocks>
Date: Thu, 25 Oct 2018 20:33:25 +0200
Subject: [PATCH] pre upgrade config

---
 services/enabled.nix   |  1 +
 services/wg0.key       |  1 +
 services/wireguard.nix | 27 +++++++++++++++++++++++++++
 3 files changed, 29 insertions(+)
 create mode 100644 services/wg0.key
 create mode 100644 services/wireguard.nix

diff --git a/services/enabled.nix b/services/enabled.nix
index 914222e..f5c2cfc 100644
--- a/services/enabled.nix
+++ b/services/enabled.nix
@@ -12,5 +12,6 @@
         ./resilio.nix
         ./sks.nix
        ./gitea.nix
+#	./wireguard.nix
     ];
 }
diff --git a/services/wg0.key b/services/wg0.key
new file mode 100644
index 0000000..9a1119a
--- /dev/null
+++ b/services/wg0.key
@@ -0,0 +1 @@
+qGHCeu53Sf6I8FUemPb36/nWbteef6H1Iz6BvE8/ek8=
diff --git a/services/wireguard.nix b/services/wireguard.nix
new file mode 100644
index 0000000..6cf17f6
--- /dev/null
+++ b/services/wireguard.nix
@@ -0,0 +1,27 @@
+{ config, pkgs, ... }:
+
+{
+    boot.extraModulePackages = [ config.boot.kernelPackages.wireguard ];
+    environment.systemPackages = [ pkgs.wireguard ];
+    networking.firewall.allowedTCPPorts = [ 51820 ];
+    networking.firewall.allowedUDPPorts = [ 51820 ];
+    networking.wireguard.interfaces.wg0 = {
+	listenPort = 51820;
+	privateKeyFile = "/etc/nixos/services/wg0.key";
+	ips = [ "192.168.43.1/24" ];
+	peers = [
+		  {
+		    allowedIPs = ["192.168.43.2"]; 
+		    publicKey = "vGuxJHw7I1gSQd7SThDu758ynR3AKVXjgqtNIUnMBEg=";
+		    persistentKeepalive = 25;
+		  }
+
+                 {
+                    allowedIPs = ["192.168.43.3"];
+                    publicKey = "YQ/SN8ZauuvWKJp+cT2JPP7sUUJai4ujubAZNZkZAAU=";
+                    persistentKeepalive = 25;
+                  }
+
+		];
+    };
+}