Add thinkpad to wireguard subnet

2025-09-13 11:39:01 +02:00 · 2025-09-13 11:39:01 +02:00 · 85b74e3328
commit 85b74e3328
parent 8d0753fd0a
3 changed files with 20 additions and 1 deletions
--- a/hosts/nixos/thinkpad/system.nix
+++ b/hosts/nixos/thinkpad/system.nix
@ -1,6 +1,7 @@
 { config, pkgs, lib, ... }: {
  imports = [
    ./hardware-configuration.nix
+    ../../../modules/wireguard.nix
  ];

  # Bootloader - standard UEFI setup
@ -319,6 +320,19 @@
  # Apply XKB config to console (TTY) as well
  console.useXkbConfig = true;

+  # WireGuard VPN configuration (ThinkPad as client/spoke)
+  services.wireguard-custom = {
+    enable = true;
+    mode = "client";
+    privateKeyFile = "/etc/wireguard/thinkpad_private.key";
+    clientConfig = {
+      address = "10.2.2.30/24";
+      serverPublicKey = "46QHjSzAas5g9Hll1SCEu9tbR5owCxXAy6wGOUoPwUM=";
+      serverEndpoint = "91.98.84.215:51820";
+      allowedIPs = [ "10.2.2.0/24" ];
+    };
+  };
+
  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken.
--- a/hosts/nixos/vps/system.nix
+++ b/hosts/nixos/vps/system.nix
@ -147,6 +147,11 @@
          publicKey = "HZY7V8QlnFvY6ZWNiI0WgUgWUISnEqUdzXi7Oq9M1Es=";
          allowedIPs = [ "10.2.2.20/32" ];
        }
+        {
+          name = "thinkpad";
+          publicKey = "p3442J2HBGY5Pksu+0F4SFkBGjG99KIgwyk8eAt4YmA=";
+          allowedIPs = [ "10.2.2.30/32" ];
+        }
      ];
    };
  };