From 7725fb68467a2c0e2fb0e9caf8be1f8d3bcf13ae Mon Sep 17 00:00:00 2001 From: Yan Lin Date: Wed, 10 Sep 2025 23:02:44 +0200 Subject: [PATCH] Add darwin hosts to wireguard --- config/wireguard/imac.conf | 12 ++++++++++++ config/wireguard/mba.conf | 12 ++++++++++++ hosts/darwin/imac/system.nix | 16 ++++++++++++++++ hosts/darwin/mba/system.nix | 16 ++++++++++++++++ hosts/nixos/vps/system.nix | 10 ++++++++++ modules/homebrew.nix | 3 ++- 6 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 config/wireguard/imac.conf create mode 100644 config/wireguard/mba.conf diff --git a/config/wireguard/imac.conf b/config/wireguard/imac.conf new file mode 100644 index 0000000..7727305 --- /dev/null +++ b/config/wireguard/imac.conf @@ -0,0 +1,12 @@ +[Interface] +# iMac WireGuard Configuration +PrivateKey = AGcWC6Y8e3/FRIGHrg0uwHrILbS7x4hBIDpozZGIf2U= +Address = 10.2.2.40/24 +DNS = 1.1.1.1, 8.8.8.8 + +[Peer] +# VPS Server +PublicKey = 46QHjSzAas5g9Hll1SCEu9tbR5owCxXAy6wGOUoPwUM= +Endpoint = 91.98.84.215:51820 +AllowedIPs = 10.2.2.0/24 +PersistentKeepalive = 25 diff --git a/config/wireguard/mba.conf b/config/wireguard/mba.conf new file mode 100644 index 0000000..32de736 --- /dev/null +++ b/config/wireguard/mba.conf @@ -0,0 +1,12 @@ +[Interface] +# MacBook Air WireGuard Configuration +PrivateKey = eOmRh2Mrb9+xmbFtHtuOxlRM09ZLKOVWeoEQJk07bVo= +Address = 10.2.2.41/24 +DNS = 1.1.1.1, 8.8.8.8 + +[Peer] +# VPS Server +PublicKey = 46QHjSzAas5g9Hll1SCEu9tbR5owCxXAy6wGOUoPwUM= +Endpoint = 91.98.84.215:51820 +AllowedIPs = 10.2.2.0/24 +PersistentKeepalive = 25 diff --git a/hosts/darwin/imac/system.nix b/hosts/darwin/imac/system.nix index 27b2bcb..7ddb717 100644 --- a/hosts/darwin/imac/system.nix +++ b/hosts/darwin/imac/system.nix @@ -9,4 +9,20 @@ imports = [ ../system-default.nix ]; + + # WireGuard LaunchAgent for auto-start + launchd.user.agents.wireguard = { + serviceConfig = { + ProgramArguments = [ + "/opt/homebrew/bin/wg-quick" + "up" + "/Users/yanlin/.config/nix/config/wireguard/imac.conf" + ]; + RunAtLoad = true; + KeepAlive = false; + Label = "com.wireguard.imac"; + StandardErrorPath = "/tmp/wireguard.err"; + StandardOutPath = "/tmp/wireguard.out"; + }; + }; } diff --git a/hosts/darwin/mba/system.nix b/hosts/darwin/mba/system.nix index 396d64f..a13a6fa 100644 --- a/hosts/darwin/mba/system.nix +++ b/hosts/darwin/mba/system.nix @@ -9,4 +9,20 @@ imports = [ ../system-default.nix ]; + + # WireGuard LaunchAgent for auto-start + launchd.user.agents.wireguard = { + serviceConfig = { + ProgramArguments = [ + "/opt/homebrew/bin/wg-quick" + "up" + "/Users/yanlin/.config/nix/config/wireguard/mba.conf" + ]; + RunAtLoad = true; + KeepAlive = false; + Label = "com.wireguard.mba"; + StandardErrorPath = "/tmp/wireguard.err"; + StandardOutPath = "/tmp/wireguard.out"; + }; + }; } diff --git a/hosts/nixos/vps/system.nix b/hosts/nixos/vps/system.nix index 99c4b29..71bf97a 100644 --- a/hosts/nixos/vps/system.nix +++ b/hosts/nixos/vps/system.nix @@ -158,6 +158,16 @@ publicKey = "f/+Jyz4CpD5uyaZox77IuD9mI/KU9QOiK6tLMcbVGTE="; allowedIPs = [ "10.2.2.31/32" ]; } + { + name = "imac"; + publicKey = "MVpIxA7HOjTCAsyI/IXK4lo0B2OM9BCHzUelUyAqT20="; + allowedIPs = [ "10.2.2.40/32" ]; + } + { + name = "mba"; + publicKey = "NeaCT4v6eUzHkRhm5YcKnB4W8KXBCZNedoBlLM5zMQQ="; + allowedIPs = [ "10.2.2.41/32" ]; + } ]; }; }; diff --git a/modules/homebrew.nix b/modules/homebrew.nix index 2fb9736..5e2d79a 100644 --- a/modules/homebrew.nix +++ b/modules/homebrew.nix @@ -11,7 +11,8 @@ }; brews = [ # Command-line tools go here - # Example: "wget" + "wireguard-go" + "wireguard-tools" ]; casks = [ # GUI applications - manually installed apps now managed by Homebrew