From d617183438ccb066c7323636e16a8add89744011 Mon Sep 17 00:00:00 2001 From: Nikolaos Karaolidis Date: Thu, 26 Jun 2025 09:14:18 +0100 Subject: [PATCH] Change vps wireguard port Signed-off-by: Nikolaos Karaolidis --- hosts/jupiter-vps/configs/wireguard/default.nix | 6 +++--- hosts/jupiter/configs/wireguard/default.nix | 6 ++---- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/hosts/jupiter-vps/configs/wireguard/default.nix b/hosts/jupiter-vps/configs/wireguard/default.nix index a30b875..2cde1ab 100644 --- a/hosts/jupiter-vps/configs/wireguard/default.nix +++ b/hosts/jupiter-vps/configs/wireguard/default.nix @@ -1,7 +1,7 @@ { config, inputs, ... }: let jupiterConfig = inputs.self.nixosConfigurations.jupiter.config; - wireguardPort = 51820; + wireguardPort = 51821; jupiterPublicIPv4 = "51.89.210.124"; in { @@ -10,7 +10,7 @@ in "net.ipv4.conf.all.proxy_arp" = 1; }; - sops.secrets.wireguard = { }; + sops.secrets."wireguard/server" = { }; networking = { firewall = { @@ -22,7 +22,7 @@ in ips = [ "10.0.0.1/24" ]; listenPort = wireguardPort; - privateKeyFile = config.sops.secrets.wireguard.path; + privateKeyFile = config.sops.secrets."wireguard/server".path; peers = [ { diff --git a/hosts/jupiter/configs/wireguard/default.nix b/hosts/jupiter/configs/wireguard/default.nix index bbb34ca..80846ae 100644 --- a/hosts/jupiter/configs/wireguard/default.nix +++ b/hosts/jupiter/configs/wireguard/default.nix @@ -11,11 +11,9 @@ let jupiterPublicIPv4 = "51.89.210.124"; in { - sops.secrets.wireguard = { }; + sops.secrets."wireguard/client/vps" = { }; networking = { - firewall.allowedUDPPorts = [ wireguardPort ]; - iproute2 = { enable = true; rttablesExtraConfig = '' @@ -33,7 +31,7 @@ in "${jupiterPublicIPv4}/32" ]; - privateKeyFile = config.sops.secrets.wireguard.path; + privateKeyFile = config.sops.secrets."wireguard/client/vps".path; table = "wireguard"; postSetup = [ "${ip} rule add from ${jupiterPublicIPv4} table ${table}" ];