# NixOS module fragment: WireGuard server interface plus the matching
# /etc/hosts entries and firewall openings.
#
# `vpn-if` and every `*-wg` identifier are not defined in this file; they
# resolve through `with import ./network.nix;`. Their values (and whether
# each `*-wg` is a bare address or carries a prefix length) cannot be seen
# from here.
{ config, lib, ... }:

with import ./network.nix;
let
  # NOTE(review): 1194/udp is the port registered for OpenVPN; WireGuard's
  # conventional port is 51820. Presumably chosen on purpose - confirm.
  listenPort = 1194;
in {
  # `architect.firewall` is a project-defined option set, not shown here.
  # Presumably `openUDP` exposes the port on the public side and
  # `openUDPVPN` on the VPN side - verify against its definition.
  architect.firewall = {
    openUDP = lib.singleton listenPort;
    openUDPVPN = lib.singleton listenPort;
  };

  networking = {
    # One hosts line per VPN address: "<address> <name>.devs.giugl.io".
    # The same `*-wg` values are reused below as WireGuard allowedIPs, so
    # this assumes they are bare addresses without a "/prefix" suffix,
    # which would not be valid in the address column - TODO confirm.
    #
    # NOTE(review): peers flavio-wg, andrewdesktop-wg and jacopo-wg are
    # configured below but have no hosts entry here; architect-wg has a
    # hosts entry but no peer (presumably the server's own address).
    extraHosts = ''
      ${architect-wg} architect.devs.giugl.io
      ${manduria-wg} manduria.devs.giugl.io
      ${antonio-wg} antonio.devs.giugl.io
      ${gbeast-wg} gbeast.devs.giugl.io
      ${shield-wg} shield.devs.giugl.io
      ${salvatore-wg} salvatore.devs.giugl.io
      ${papa-wg} papa.devs.giugl.io
      ${defy-wg} defy.devs.giugl.io
      ${germano-wg} germano.devs.giugl.io
      ${dodino-wg} dodino.devs.giugl.io
      ${tommy-wg} tommy.devs.giugl.io
      ${alain-wg} alain.devs.giugl.io
      ${dima-wg} dima.devs.giugl.io
      ${mikey-wg} mikey.devs.giugl.io
      ${andrew-wg} andrew.devs.giugl.io
      ${mikeylaptop-wg} mikeylaptop.devs.giugl.io
      ${frznn-wg} frznn.devs.giugl.io
      ${ludo-wg} ludo.devs.giugl.io
      ${parina-wg} parina.devs.giugl.io
      ${parina-ipad-wg} parinaipad.devs.giugl.io
      ${nilo-wg} nilo.devs.giugl.io
      ${kclvm-wg} kclvm.devs.giugl.io
      ${framecca-wg} framecca.devs.giugl.io
    '';

    wireguard = {
      interfaces.${vpn-if} = {
        inherit listenPort;
        # Server-side address on the VPN subnet.
        ips = [ "10.3.0.1/24" ];
        # Quoted string rather than a Nix path literal, so the key is read
        # from this location at runtime and is not copied into the Nix
        # store. Ownership and mode of the file are not managed here -
        # verify that only root can read it.
        privateKeyFile = "/secrets/wireguard/server.key";

        # Each peer pairs one public key with one `*-wg` value in
        # allowedIPs; WireGuard only accepts traffic from a peer when the
        # inner source address falls inside that peer's allowedIPs.
        # Assumes every `*-wg` is a single host address - confirm in
        # network.nix, since a wider range would let a peer use other
        # clients' addresses.
        # No peer sets `presharedKeyFile`; authentication rests on the
        # key pairs alone.
        peers = [
          {
            # Manduria
            allowedIPs = [ manduria-wg ];
            publicKey = "wT38oXvDQ8g0hI+pAXQobOWf/Wott2zhwo8TLvXK400=";
          }

          {
            # Antonio
            allowedIPs = [ antonio-wg ];
            publicKey = "SPndCvEzuLHtGAQV8u/4dfLlFHoPcXS3L98oFOwTljc=";
          }

          {
            # GBEAST
            allowedIPs = [ gbeast-wg ];
            publicKey = "XiK+wk+DErz0RmCWRxuaJN1cvdj+3DoiU6tcR+uZfAI=";
          }

          {
            # shield
            allowedIPs = [ shield-wg ];
            publicKey = "1GaV/M48sHqQTrBVRQ+jrFU2pUMmv2xkguncVcwPCFs=";
          }

          {
            # salvatore
            allowedIPs = [ salvatore-wg ];
            publicKey = "fhlnBHeMyHZKLUCTSA9kmkKoM5x/qzz/rnCJrUh3Gzs=";
          }

          {
            # papa
            allowedIPs = [ papa-wg ];
            publicKey = "oGHygt02Oni3IFbScKD0NVEfHKCp6bpw68aq5g4RrAA=";
          }

          {
            # defy
            allowedIPs = [ defy-wg ];
            publicKey = "Cvi/eto7E6Ef+aiL81ou7x12fJCeuXrf/go9fxEqXG4=";
          }

          {
            # germano
            allowedIPs = [ germano-wg ];
            publicKey = "LJ0DHY1sFVLQb3ngUGGH0HxbDOPb9KCUPSaYcjr5Uiw=";
          }

          {
            # flavio (no matching extraHosts entry)
            allowedIPs = [ flavio-wg ];
            publicKey = "Yg0P+yHi/9SZHyoel8jT9fmmu+irLYmT8yMp/CZoaSg=";
          }

          {
            # dodino
            allowedIPs = [ dodino-wg ];
            publicKey = "JHkqlADQpY1CUcivraG9i6rIzCzLVFcl8HP5uIk35lk=";
          }

          {
            # tommy
            allowedIPs = [ tommy-wg ];
            publicKey = "tytknU7wql1d0A2provX3RP7CNcEIajfgBJKoSyVLgo=";
          }

          {
            # alain
            allowedIPs = [ alain-wg ];
            publicKey = "/o2msFJoUL4yovcIQJTU8c1faFtekrjSBBWJABouWno=";
          }

          {
            # dima
            allowedIPs = [ dima-wg ];
            publicKey = "svzWYIZ6v+cLCp/emGG7mx2YpBJqw2fqjVuHZy7b6H0=";
          }

          {
            # mikey
            allowedIPs = [ mikey-wg ];
            publicKey = "ewbDdX3z7nxG2aPIf9TogXkhxPlGipLFcy6XfyDC6gI=";
          }

          {
            # andrew
            allowedIPs = [ andrew-wg ];
            publicKey = "LP/FgST9fmBQSoKQFq9sFGvjRFOtRooMcuEcjuqaoWM=";
          }

          {
            # mikey laptop
            allowedIPs = [ mikeylaptop-wg ];
            publicKey = "kz/pY/PgV+dwF1JZ2It4r5B5QfRSQM7HkbFCdvd5Yxk=";
          }

          {
            # andrew desktop (no matching extraHosts entry)
            allowedIPs = [ andrewdesktop-wg ];
            publicKey = "rpYr3JNLIzxpxzFuQuaHFEl/XvPEPfwLbDETBP8KYXI=";
          }

          {
            # laptop desktop
            # NOTE(review): this label does not name the owner; the entry
            # binds jacopo-wg, which also has no extraHosts entry -
            # confirm which device this key belongs to.
            allowedIPs = [ jacopo-wg ];
            publicKey = "W/taWI79bPIKOolVVu5xZfiJnPw9K91Xn1zhcM0+4g0=";
          }

          {
            # frznn
            allowedIPs = [ frznn-wg ];
            publicKey = "dXcrdME6VnnE5PBYwvUmayf7cn2wpcExeCR9gIXOO0o=";
          }

          {
            # ludo
            allowedIPs = [ ludo-wg ];
            publicKey = "ecrxdzx7tQZwMPxZOjHUvxZT2xY79B6XEDIW+fhEtEM=";
          }

          {
            # parina
            allowedIPs = [ parina-wg ];
            publicKey = "7nubNnfGsg4/7KemMDn9r99mNK8RFU9uOFFqaYv6rUA=";
          }

          {
            # nilo
            allowedIPs = [ nilo-wg ];
            publicKey = "lhTEDJ9WnizvEHTd5kN21fTHF27HNk+fPLQnB1B3LW0=";
          }

          {
            # parina ipad
            allowedIPs = [ parina-ipad-wg ];
            publicKey = "ezkCzl2qC7Hd7rFKfqMa0JXDKRhVqy79H52rA06x7mU=";
          }

          {
            # kcl vm
            allowedIPs = [ kclvm-wg ];
            publicKey = "jVBaY8AhgAA7myVjU/PJPDUCOjsCi23LT+pGZUoNEkE=";
          }

          {
            # framecca
            allowedIPs = [ framecca-wg ];
            publicKey = "w0XPu5GcDA2vpNk3KCFRdWNVVQHRtAPApEsK1h3Ovyk=";
          }
        ];
      };
    };
  };
}