nix-config/hosts/toaster/network/zw.nix

{ config, ... }:
{
  # zentralwerk
  systemd.network = {
    netdevs."10-wg-zentralwerk" = {
      netdevConfig = {
        Kind = "wireguard";
        Name = "wg-zentralwerk";
        Description = "Tunnel to the best basement in Dresden";
      };
      wireguardConfig = {
        PrivateKeyFile = config.sops.secrets."wg/zw".path;
        RouteTable = "off";
      };
      wireguardPeers = [
        {
          PublicKey = "PG2VD0EB+Oi+U5/uVMUdO5MFzn59fAck6hz8GUyLMRo=";
          Endpoint = "81.201.149.152:1337";
          AllowedIPs = [
            "172.20.72.0/21"
            "172.22.90.0/24"
            "172.22.99.0/24"
          ];
          PersistentKeepalive = 25;
        }
      ];
    };
    networks."10-wg-zentralwerk" = {
      matchConfig.Name = "wg-zentralwerk";
      networkConfig = {
        Address = "172.20.76.226/21";
        IPv6AcceptRA = true;
        DNS = "172.20.73.8";
        Domains = [
          "~hq.c3d2.de"
          "~serv.zentralwerk.org"
          "~hq.zentralwerk.org"
          "~cluster.zentralwerk.org"
        ];
      };
      routes = [
        {
          Gateway = "172.20.76.225";
          Destination = "172.20.72.0/21";
          Metric = 1023;
        }
        {
          Gateway = "172.20.76.225";
          Destination = "172.20.90.0/24";
          Metric = 1023;
        }
        {
          Gateway = "172.20.76.225";
          Destination = "172.22.99.0/24";
          Metric = 1023;
        }

      ];
    };
  };
}
delete legacy stuff and reformat 2025-01-11 03:55:19 +01:00			`{ config, ... }:`
			`{`
			`# zentralwerk`
			`systemd.network = {`
			`netdevs."10-wg-zentralwerk" = {`
			`netdevConfig = {`
			`Kind = "wireguard";`
			`Name = "wg-zentralwerk";`
			`Description = "Tunnel to the best basement in Dresden";`
			`};`
			`wireguardConfig = {`
			`PrivateKeyFile = config.sops.secrets."wg/zw".path;`
			`RouteTable = "off";`
fixup toaster network 2025-01-03 19:06:42 +01:00			`};`
delete legacy stuff and reformat 2025-01-11 03:55:19 +01:00			`wireguardPeers = [`
			`{`
			`PublicKey = "PG2VD0EB+Oi+U5/uVMUdO5MFzn59fAck6hz8GUyLMRo=";`
			`Endpoint = "81.201.149.152:1337";`
			`AllowedIPs = [`
			`"172.20.72.0/21"`
			`"172.22.90.0/24"`
			`"172.22.99.0/24"`
fixup toaster network 2025-01-03 19:06:42 +01:00			`];`
delete legacy stuff and reformat 2025-01-11 03:55:19 +01:00			`PersistentKeepalive = 25;`
			`}`
			`];`
			`};`
			`networks."10-wg-zentralwerk" = {`
			`matchConfig.Name = "wg-zentralwerk";`
			`networkConfig = {`
			`Address = "172.20.76.226/21";`
			`IPv6AcceptRA = true;`
			`DNS = "172.20.73.8";`
			`Domains = [`
			`"~hq.c3d2.de"`
			`"~serv.zentralwerk.org"`
			`"~hq.zentralwerk.org"`
			`"~cluster.zentralwerk.org"`
fixup toaster network 2025-01-03 19:06:42 +01:00			`];`
			`};`
delete legacy stuff and reformat 2025-01-11 03:55:19 +01:00			`routes = [`
			`{`
			`Gateway = "172.20.76.225";`
			`Destination = "172.20.72.0/21";`
			`Metric = 1023;`
			`}`
			`{`
			`Gateway = "172.20.76.225";`
			`Destination = "172.20.90.0/24";`
			`Metric = 1023;`
			`}`
			`{`
			`Gateway = "172.20.76.225";`
			`Destination = "172.22.99.0/24";`
			`Metric = 1023;`
			`}`

			`];`
fixup toaster network 2025-01-03 19:06:42 +01:00			`};`
delete legacy stuff and reformat 2025-01-11 03:55:19 +01:00			`};`
			`}`