path: root/hosts/flex-wg-router/configuration.nix
blob: 18d96673a026e899b772a4b1702198a9eb5d5f7b (plain)
# NixOS host configuration for the "flex-wg-router" machine: a two-interface
# router with a private DHCP/DNS side (lan0) and a statically addressed side
# (wan0) on which a single UDP port is opened.
# Options whose names start with "_" (boot._loader, _archetypes,
# networking._interfaceLabels, services._router, _users) are not defined in
# this file; their semantics are presumably set by project modules — confirm
# there before relying on the comments below.
{ config, lib, pkgs, ... }: let
	# Router address on the lan0 side; reused below as the DHCP default
	# gateway and as localhostIp so the three values cannot drift apart.
	ipAddress = "10.1.1.1";
in {
	# Not visible here; presumably holds the WireGuard interface, peers and key
	# material paths. NOTE(review): confirm private keys are referenced by path
	# to a secret file rather than inlined, since inlined values end up in the
	# world-readable Nix store.
	imports = [ ./wg.nix ];

	# Setup bootloader
	boot._loader.enable = true;

	# Enable common options
	_archetypes = {
		profiles.headless = {
			enable = true;
			home.users.timmy.enable = true;
		};
		profiles.router.enable = true;
	};

	networking = {
		# Label lan and wan interfaces
		# Names are bound to MAC addresses; every per-interface setting below
		# (addresses, gateway, firewall) follows these names, so a wrong MAC
		# here silently moves the firewall opening to the other NIC.
		_interfaceLabels = {
			enable = true;
			interfaces = {
				lan0 = "98:b7:85:22:9b:43";  # NOTE(review): was labelled "External", but lan0 carries the private 10.1.1.1/24 DHCP side below — confirm the MAC/port mapping
				wan0 = "54:ee:75:8c:4b:2d";  # NOTE(review): was labelled "Internal", but wan0 carries the static uplink address and default route below — confirm the MAC/port mapping
			};
		};
		# Set ip addresses
		interfaces = {
			lan0.ipv4.addresses = [{
				address = ipAddress;
				prefixLength = 24;
			}];
			wan0.ipv4.addresses = [{
				address = "46.110.173.163";  # Reserved static ip for wg-router
				# NOTE(review): a /31 containing .163 spans only .162-.163, so the
				# default gateway .161 set below is outside the connected prefix.
				# Confirm the prefix length, or that an off-link gateway is intended.
				prefixLength = 31;
			}];
		};
		defaultGateway = {
			address = "46.110.173.161";
			interface = "wan0";
		};
		# Firewall rules
		# Only wan0 gets an explicit opening here; nothing in this file sets
		# networking.firewall.enable or any lan0 rules, so the effective policy
		# depends on NixOS defaults and on the imported profiles — confirm.
		firewall = {
			interfaces.wan0 = {
				# 51820/udp is the conventional WireGuard port; presumably matches
				# the listen port configured in ./wg.nix — verify they agree.
				allowedUDPPorts = [ 51820 ];
			};
		};
	};

	# Router config
	services._router = {
		dnsDhcpConfig = {
			localDomain = "wg-router.pls.lan";
			dhcp = {
				defaultGateway = ipAddress;
				localhostIp = ipAddress;
				# Dynamic pool is .100-.250; the static lease below (.10) sits
				# outside it, so it cannot collide with a dynamic assignment.
				rangeStart = "10.1.1.100";
				rangeEnd = "10.1.1.250";
				staticLeases = {
					# NOTE(review): the lease name suggests a server management
					# controller (BMC). If so, confirm which WireGuard peers and
					# forwarding rules can reach 10.1.1.10, since such interfaces
					# grant out-of-band control of the host.
					idrac-8HT2W52 = {
						macAddress = "18:fb:7b:9d:16:b3";
						staticIp = "10.1.1.10";
					};
				};
			};
		};
	};

	# Enable user timmy
	_users.timmy.enable = true;

	# NixOS compatibility marker for stateful data; it records the release the
	# system was installed with and is not meant to be bumped on upgrades.
	system.stateVersion = "25.05";
}