stubbfelnix/services/wireguard.nix

{ config, pkgs, ... }:

{
    boot.extraModulePackages = [ config.boot.kernelPackages.wireguard ];
    environment.systemPackages = [ pkgs.wireguard ];
    networking.firewall.allowedTCPPorts = [ 51820 ];
    networking.firewall.allowedUDPPorts = [ 51820 ];
    networking.wireguard.interfaces.wg0 = {
	listenPort = 51820;
	privateKeyFile = "/etc/nixos/services/wg0.key";
	ips = [ "192.168.43.1/24" ];
	peers = [
		  {
		    allowedIPs = ["192.168.43.2"]; 
		    publicKey = "vGuxJHw7I1gSQd7SThDu758ynR3AKVXjgqtNIUnMBEg=";
		    persistentKeepalive = 25;
		  }

                 {
                    allowedIPs = ["192.168.43.3"];
                    publicKey = "YQ/SN8ZauuvWKJp+cT2JPP7sUUJai4ujubAZNZkZAAU=";
                    persistentKeepalive = 25;
                  }

		];
    };
}