nix-config/microvms/nextcloud/oxaproxy.nix

{ config, ... }: {
  networking.wireguard.enable = true;
  networking.useNetworkd = true;
  systemd.network = {
    enable = true;
    netdevs."10-oxaproxy" = {
      netdevConfig = {
        Kind = "wireguard";
        Name = "oxaproxy";
        Description = "oxa's enterprise reverse-proxy network";
      };
      wireguardConfig = {
        PrivateKeyFile = config.sops.secrets."wg/oxaproxy-seckey".path;
        #own pubkey: KCYoGx7TGei4X79EZo2NONCcmQjPzBUN1Ds6I9lQbz0=
        };
        wireguardPeers = [
          {
          # cirrus
          wireguardPeerConfig = {
            PublicKey = "0KMtL2fQOrrCH6c2a2l4FKiM73G86sUuyaNj4FarzVM=";
            AllowedIPs = [ "10.34.45.0/24" ];
            Endpoint = [ "95.216.166.21:51821" ];
            PersistentKeepalive = 25;
          };
        }
      ];
    };
    networks."10-oxaproxy" = {
      matchConfig.Name = "oxaproxy";
      networkConfig = {
        Address = "10.34.45.100/24";
      };
    };

    networks."111-host" = {
      matchConfig.Name = "enp0s8";
      networkConfig = {
        Address = "10.99.99.100/24";
      };
      routes = [
        {
          routeConfig = {
            Gateway="10.99.99.1";
            Destination="0.0.0.0/0";
            Metric=1024;
          };
        }
        {
          routeConfig = {
            Gateway="10.99.99.1";
            Destination="10.99.99.0/24";
            Metric=1024;
          };
        }
      ];
    };
  };
}
nextcloud: init 2022-06-26 21:17:20 +02:00			`{ config, ... }: {`
			`networking.wireguard.enable = true;`
			`networking.useNetworkd = true;`
			`systemd.network = {`
			`enable = true;`
			`netdevs."10-oxaproxy" = {`
			`netdevConfig = {`
			`Kind = "wireguard";`
			`Name = "oxaproxy";`
			`Description = "oxa's enterprise reverse-proxy network";`
			`};`
			`wireguardConfig = {`
			`PrivateKeyFile = config.sops.secrets."wg/oxaproxy-seckey".path;`
			`#own pubkey: KCYoGx7TGei4X79EZo2NONCcmQjPzBUN1Ds6I9lQbz0=`
			`};`
			`wireguardPeers = [`
			`{`
			`# cirrus`
			`wireguardPeerConfig = {`
			`PublicKey = "0KMtL2fQOrrCH6c2a2l4FKiM73G86sUuyaNj4FarzVM=";`
			`AllowedIPs = [ "10.34.45.0/24" ];`
			`Endpoint = [ "95.216.166.21:51821" ];`
			`PersistentKeepalive = 25;`
			`};`
			`}`
			`];`
			`};`
			`networks."10-oxaproxy" = {`
			`matchConfig.Name = "oxaproxy";`
			`networkConfig = {`
			`Address = "10.34.45.100/24";`
			`};`
			`};`

			`networks."111-host" = {`
			`matchConfig.Name = "enp0s8";`
			`networkConfig = {`
			`Address = "10.99.99.100/24";`
			`};`
			`routes = [`
			`{`
			`routeConfig = {`
			`Gateway="10.99.99.1";`
			`Destination="0.0.0.0/0";`
			`Metric=1024;`
			`};`
			`}`
			`{`
			`routeConfig = {`
			`Gateway="10.99.99.1";`
			`Destination="10.99.99.0/24";`
			`Metric=1024;`
			`};`
			`}`
			`];`
			`};`
			`};`
			`}`