feat: wireguard config (closes #21)

configuration.nix

@@ -16,6 +16,7 @@
     ./modules/pipewire.nix
     ./modules/rekey.nix
     ./modules/nvidia.nix
+    ./modules/wireguard.nix
   ];
 
   # Use the systemd-boot EFI boot loader.

modules/wireguard.nix

@@ -0,0 +1,43 @@
+{config, ...}: let
+  address = [
+    "10.0.0.2/32"
+  ];
+  peer = {
+    endpoint = "lel.lol:51820";
+    publicKey = "t/jR2/0hxBXG0Ytah2w5RQ1gn94k0/Ku9LYcbRR7pXo=";
+    presharedKeyFile = config.rekey.secrets.wireguard-pre.path;
+  };
+  privateKeyFile = config.rekey.secrets.wireguard-priv.path;
+in {
+  rekey.secrets = {
+    wireguard-pre.file = ../secrets/wireguard/elisabeth-pre.wg.age;
+    wireguard-priv.file = ../secrets/wireguard/elisabeth-priv.wg.age;
+  };
+
+  networking.wg-quick.interfaces = {
+    wg-intern = {
+      inherit address privateKeyFile;
+      peers = [
+        (peer
+          // {
+            allowedIPs = [
+              "10.0.0.1/32"
+            ];
+          })
+      ];
+    };
+    wg-all = {
+      inherit address privateKeyFile;
+      peers = [
+        (peer
+          // {
+            allowedIPs = [
+              "0.0.0.0/0"
+              "::/0"
+            ];
+          })
+      ];
+      autostart = false;
+    };
+  };
+}

secrets/test.age

@@ -1,12 +0,0 @@
-age-encryption.org/v1
--> X25519 6PjX+qZyPYWTisaNUryJ12t/CEOrfLd+K1/wyKGFixM
-S5IV+M+l5LleLoXM3SUDioBCJiaHcwZslERVj5L0ygE
--> piv-p256 XTQkUA A1py15wjDt5uwgw2/s2/ueM2JMcT4RFMa+5fx+d2UhG8
-xIdD5DNoxvu3T0873Qv2hl9rHatWi4GhAGcWT/cxNE8
--> piv-p256 ZFgiIw AsSMYe/35S/b3kTqriw9Ur2eg2iB8dDSt4qtFzbMqTMz
-WnBSoehEmLtX9SEawmQIxsV8dReZPJRNq5oSLH6UWSU
--> bHCG/L-grease -|u
-77tuo6s/XdK97pc73YTUh/OShs4jX/01ODcQT/80LaoCI0bt+yVBIOwNPrLwHVIV
-iiqROaIIp+mRDQj6JUB7hlaPoiNJcfO6ozA
---- 7W4CK2idSDKwMlYi/FmPZVLPZZKv+5nyp0mpysWXork
-ÅH\”úŽÅ‚úbwõŒÑžug+uU+Ñ‚?<3F>\))	Wï6æ}¥ÿ'öÌQH¹/'§ÅÐ><3E>

users/common/programs/thunderbird.nix

@@ -0,0 +1,5 @@
+{pkgs, ...}: {
+  programs.thunderbird = {
+    enable = true;
+  };
+}

users/common/touchscreen.nix

@@ -4,6 +4,7 @@
   # with udev and X11 we truly do not live in an ideal world
   fix = pkgs.writeShellScriptBin "fix-shit" ''
     xinput --map-to-output "ELAN2514:00 04F3:2817" eDP-1
+    xinput --map-to-output "ELAN2514:00 04F3:2817 Stylus Pen (0)" eDP-1
   '';
 in {
   home.packages = [fix];

users/patrick.nix

@@ -10,6 +10,7 @@
     common/programs/polybar.nix
     common/programs/rofi.nix
     common/touchscreen.nix
+    #common/programs/thunderbird.nix
     #common/touchegg.nix
   ];