From f58e86e37b26333b515177650f54c5191a35ac6d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vili=20Sinerv=C3=A4?= <vili.m.sinerva@gmail.com>
Date: Sun, 20 Apr 2025 12:54:09 +0300
Subject: [PATCH] Add skeleton for Idacloud VPN config

---
 machine-confs/idacloud.nix | 37 ++++++++++++++++++++++++++++++++++++-
 1 file changed, 36 insertions(+), 1 deletion(-)

diff --git a/machine-confs/idacloud.nix b/machine-confs/idacloud.nix
index 8bd5962..2c8b364 100644
--- a/machine-confs/idacloud.nix
+++ b/machine-confs/idacloud.nix
@@ -1,6 +1,5 @@
 { ... }:
 {
-  networking.hostName = "idacloud";
   custom.nextcloud_domain = "idacloud.sinerva.eu";
 
   imports = [
@@ -8,6 +7,42 @@
     ../services/nextcloud.nix
   ];
 
+  # Networking conf including WireGuard
+  networking = {
+    hostName = "idacloud";
+
+    firewall.allowedUDPPorts = [ 51822 ];
+
+    wg-quick.interfaces = {
+      wg0 = {
+        address = [ "10.1.0.1/24" ];
+        privateKeyFile = "/root/wireguard-keys/privatekey";
+        listenPort = 51822;
+
+        peers = [
+          # Laptop
+          #          {
+          #            publicKey = "TODO";
+          #            presharedKeyFile = "/root/wireguard-keys/psk1";
+          #            allowedIPs = [ "10.1.0.2/32" ];
+          #          }
+          # Phone
+          #          {
+          #            publicKey = "TODO";
+          #            presharedKeyFile = "/root/wireguard-keys/psk2";
+          #            allowedIPs = [ "10.1.0.3/32" ];
+          #          }
+          # Test Phone
+          {
+            publicKey = "66ubJoZWX9jyPKMO2ORomokPO3CokBTGjHiOhHZLjzI=";
+            presharedKeyFile = "/root/wireguard-keys/psk3";
+            allowedIPs = [ "10.1.0.4/32" ];
+          }
+        ];
+      };
+    };
+  };
+
   # HARDWARE SPECIFIC
   services.qemuGuest.enable = true;
 }