WG config test for exoplasim

machine-confs/exoplasim.nix

@@ -5,34 +5,23 @@
   networking = {
     hostName = "exoplasim";
 
-    #  wg-quick.interfaces = {
-    #    wg0 = {
-    #      autostart = true;
-    #      address = [
-    #        "fd08:d473:bcca:f0::3/64"
-    #        "2001:14ba:a08c:2df0::3/64"
-    #      ];
-    #      dns = [
-    #        "fd08:d473:bcca::1"
-    #        "vsinerva.fi"
-    #      ];
-    #      privateKeyFile = "/root/wireguard-keys/privatekey-home";
-    #      listenPort = 51820;
+    firewall.allowedUDPPorts = [ 51821 ];
 
-    #      peers = [
-    #        {
-    #          publicKey = "f9QoYPxyaxylUcOI9cE9fE9DJoEX4c6GUtr4p+rsd34=";
-    #          presharedKeyFile = "/root/wireguard-keys/psk-home";
-    #          allowedIPs = [
-    #            "fd08:d473:bcca::/64"
-    #            "fd08:d473:bcca:f0::/64"
-    #            "::/0"
-    #          ];
-    #          endpoint = "wg.vsinerva.fi:51820";
-    #        }
-    #      ];
-    #    };
-    #  };
+    wg-quick.interfaces = {
+      wg0 = {
+        address = [ "10.0.0.1/24" ];
+        privateKeyFile = "/root/wireguard-keys/privatekey";
+        listenPort = 51821;
+
+        peers = [
+          {
+            publicKey = "9FOmHXs0CmDlW61noS7DqhgH5GfQHzg8ZMasyNQACSc=";
+            presharedKeyFile = "/root/wireguard-keys/psk";
+            allowedIPs = [ "10.0.0.2/32" ];
+          }
+        ];
+      };
+    };
   };
 
   # User worker
@@ -42,8 +31,9 @@
     description = "ExoPlaSim Worker";
     uid = 1001;
     extraGroups = [ "networkmanager" ];
-    openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys ++ [ ];
-    # hashedPasswordFile = "/root/hashed-passwords/worker";
+    openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys ++ [
+      # TODO add user-specific key
+    ];
   };
   users.groups.worker.gid = 1001;