nix-config/hosts/toaster/network/zw.nix

{ config, ... }: {
    # zentralwerk
    systemd.network = {
      netdevs."10-wg-zentralwerk" = {
        netdevConfig = {
          Kind = "wireguard";
          Name = "wg-zentralwerk";
          Description = "Tunnel to the best basement in Dresden";
        };
        wireguardConfig = {
          PrivateKeyFile = config.sops.secrets."wg/zw".path;
          RouteTable = "off";
        };
        wireguardPeers = [
          {
            PublicKey = "PG2VD0EB+Oi+U5/uVMUdO5MFzn59fAck6hz8GUyLMRo=";
            Endpoint = "81.201.149.152:1337";
            AllowedIPs = [ "172.20.72.0/21" "172.22.90.0/24" "172.22.99.0/24" ];
            PersistentKeepalive = 25;
          }
        ];
      };
      networks."10-wg-zentralwerk" = {
        matchConfig.Name = "wg-zentralwerk";
        networkConfig = {
          Address = "172.20.76.226/21";
          IPv6AcceptRA = true;
          DNS = "172.20.73.8";
          Domains = [
            "~hq.c3d2.de"
            "~serv.zentralwerk.org"
            "~hq.zentralwerk.org"
            "~cluster.zentralwerk.org"
          ];
        };
        routes = [
          {
            Gateway = "172.20.76.225";
            Destination = "172.20.72.0/21";
            Metric = 1023;
          }
          {
            Gateway = "172.20.76.225";
            Destination = "172.20.90.0/24";
            Metric = 1023;
          }
          {
            Gateway = "172.20.76.225";
            Destination = "172.22.99.0/24";
            Metric = 1023;
          }

        ];
      };
    };
  }
fixup toaster network 2025-01-03 19:06:42 +01:00			`{ config, ... }: {`
			`# zentralwerk`
			`systemd.network = {`
			`netdevs."10-wg-zentralwerk" = {`
			`netdevConfig = {`
			`Kind = "wireguard";`
			`Name = "wg-zentralwerk";`
			`Description = "Tunnel to the best basement in Dresden";`
			`};`
			`wireguardConfig = {`
			`PrivateKeyFile = config.sops.secrets."wg/zw".path;`
			`RouteTable = "off";`
			`};`
			`wireguardPeers = [`
			`{`
			`PublicKey = "PG2VD0EB+Oi+U5/uVMUdO5MFzn59fAck6hz8GUyLMRo=";`
			`Endpoint = "81.201.149.152:1337";`
			`AllowedIPs = [ "172.20.72.0/21" "172.22.90.0/24" "172.22.99.0/24" ];`
			`PersistentKeepalive = 25;`
			`}`
			`];`
			`};`
			`networks."10-wg-zentralwerk" = {`
			`matchConfig.Name = "wg-zentralwerk";`
			`networkConfig = {`
			`Address = "172.20.76.226/21";`
			`IPv6AcceptRA = true;`
			`DNS = "172.20.73.8";`
			`Domains = [`
			`"~hq.c3d2.de"`
			`"~serv.zentralwerk.org"`
			`"~hq.zentralwerk.org"`
			`"~cluster.zentralwerk.org"`
			`];`
			`};`
			`routes = [`
			`{`
			`Gateway = "172.20.76.225";`
			`Destination = "172.20.72.0/21";`
			`Metric = 1023;`
			`}`
			`{`
			`Gateway = "172.20.76.225";`
			`Destination = "172.20.90.0/24";`
			`Metric = 1023;`
			`}`
			`{`
			`Gateway = "172.20.76.225";`
			`Destination = "172.22.99.0/24";`
			`Metric = 1023;`
			`}`

			`];`
			`};`
			`};`
			`}`