diff --git a/hosts/niks/default.nix b/hosts/niks/default.nix index b2aa1b9..8bd42de 100644 --- a/hosts/niks/default.nix +++ b/hosts/niks/default.nix @@ -4,6 +4,6 @@ _: { ./hardware-configuration.nix ./mullvad ./ssh - ./wireguard + #./wireguard ]; } diff --git a/hosts/niks/mullvad/default.nix b/hosts/niks/mullvad/default.nix index 86899be..c8cf031 100644 --- a/hosts/niks/mullvad/default.nix +++ b/hosts/niks/mullvad/default.nix @@ -6,11 +6,10 @@ environment.systemPackages = with pkgs; [ mullvad-vpn mullvad ]; networking.wireguard.enable = true; + networking.iproute2.enable = true; services.mullvad-vpn = { enable = true; - package = pkgs.mullvad-vpn; - enableExcludeWrapper = false; }; systemd.services."mullvad-daemon".postStart = let diff --git a/hosts/niks/wireguard/default.nix b/hosts/niks/wireguard/default.nix index 6bc5455..0c3cae3 100644 --- a/hosts/niks/wireguard/default.nix +++ b/hosts/niks/wireguard/default.nix @@ -8,10 +8,10 @@ allowedUDPPorts = [ 51820 ]; checkReversePath = "loose"; }; - wireguard = { + wg-quick = { interfaces = { ch0 = { - ips = [ "10.100.0.2/24" ]; + address = [ "10.100.0.2/24" ]; listenPort = 51820; privateKeyFile = "/home/jacek/.wg/chmura"; @@ -20,8 +20,18 @@ publicKey = "cq4ZqnPM7wVGkoiquDbQLNuqEiPuHa/CLiGFow6buUI="; allowedIPs = [ "0.0.0.0/0" ]; endpoint = "hcq082e0b05.sn.mynetname.net:51820"; - dynamicEndpointRefreshSeconds = 5; - persistentKeepalive = 25; + } + ]; + }; + mv0 = { + address = [ "10.64.197.114/32" "fc00:bbbb:bbbb:bb01::1:c571/128" ]; + dns = [ "100.64.0.7" ]; + privateKeyFile = "/home/jacek/.wg/mullvad"; + peers = [ + { + publicKey = "94qIvXgF0OXZ4IcquoS7AO57OV6JswUFgdONgGiq+jo="; + allowedIPs = [ "0.0.0.0/0" "::0/0" ]; + endpoint = "185.65.135.69:51820"; } ]; };