stubbfelnix/services/wireguard.nix

{ config, pkgs, ... }:

{

  environment.systemPackages = [ pkgs.wireguard ];
  networking.firewall.allowedTCPPorts = [ 51820 ];
  networking.firewall.allowedUDPPorts = [ 51820 ];
  networking.wireguard.interfaces.wg0 = {
    listenPort = 51820;
    privateKeyFile = "/etc/nixos/services/wg0.key";
    ips = [ "192.168.43.1/32" ];
    peers = [
      {
        allowedIPs = ["192.168.43.2/32"];
        publicKey = "wbeCSyurE/kiXooaqieRgoDHJiDBiw/CHvF5e+LCPlw=";
        persistentKeepalive = 25;
      }
      ];
  };
}