diff options
-rw-r--r-- | hosts/aptos/default.nix | 7 | ||||
-rw-r--r-- | lib/private-wireguard.nix | 6 |
2 files changed, 9 insertions, 4 deletions
diff --git a/hosts/aptos/default.nix b/hosts/aptos/default.nix index 1e79543..c94efd0 100644 --- a/hosts/aptos/default.nix +++ b/hosts/aptos/default.nix @@ -32,6 +32,13 @@ }; networking.wireless.iwd.enable = true; + + age.secrets.wg-net = { + file = ../../secrets/network/aptos/wireguard_privatekey.age; + path = "/var/lib/wireguard/wg0.key"; + symlink = false; + }; + networking.private-wireguard.enable = true; services.thermald.enable = true; diff --git a/lib/private-wireguard.nix b/lib/private-wireguard.nix index e063f39..0d9b904 100644 --- a/lib/private-wireguard.nix +++ b/lib/private-wireguard.nix @@ -16,12 +16,10 @@ in { }; config = lib.mkIf cfg.enable { - networking = let - age.secrets.wg-net.file = ../secrets/network/hostname/wireguard_privatekey.age; - in { + networking = { wireguard.interfaces.wg0 = { listenPort = port; - privateKeyFile = "/run/agenix/wireguard_privatekey"; + privateKeyFile = "/var/lib/wireguard/wg0.key"; ips = [ "${wgcfg.subnet4}.${toString thisPeer.ipv4}/${toString wgcfg.mask4}" ]; |