about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--hosts/aptos/default.nix7
-rw-r--r--lib/private-wireguard.nix6
2 files changed, 9 insertions, 4 deletions
diff --git a/hosts/aptos/default.nix b/hosts/aptos/default.nix
index 1e79543..c94efd0 100644
--- a/hosts/aptos/default.nix
+++ b/hosts/aptos/default.nix
@@ -32,6 +32,13 @@
   };
 
   networking.wireless.iwd.enable = true;
+
+  age.secrets.wg-net = {
+    file = ../../secrets/network/aptos/wireguard_privatekey.age;
+    path = "/var/lib/wireguard/wg0.key";
+    symlink = false;
+  };
+
   networking.private-wireguard.enable = true;
 
   services.thermald.enable = true;
diff --git a/lib/private-wireguard.nix b/lib/private-wireguard.nix
index e063f39..0d9b904 100644
--- a/lib/private-wireguard.nix
+++ b/lib/private-wireguard.nix
@@ -16,12 +16,10 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
-    networking = let
-      age.secrets.wg-net.file = ../secrets/network/hostname/wireguard_privatekey.age;
-    in {
+    networking = {
       wireguard.interfaces.wg0 = {
         listenPort = port;
-        privateKeyFile = "/run/agenix/wireguard_privatekey";
+        privateKeyFile = "/var/lib/wireguard/wg0.key";
         ips = [
           "${wgcfg.subnet4}.${toString thisPeer.ipv4}/${toString wgcfg.mask4}"
         ];
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-12-27 08:29:43 +0000