diff --git a/configuration.nix b/configuration.nix index 94c1b0e..2538347 100644 --- a/configuration.nix +++ b/configuration.nix @@ -16,6 +16,7 @@ ./modules/pipewire.nix ./modules/rekey.nix ./modules/nvidia.nix + ./modules/wireguard.nix ]; # Use the systemd-boot EFI boot loader. diff --git a/modules/wireguard.nix b/modules/wireguard.nix new file mode 100644 index 0000000..4e27683 --- /dev/null +++ b/modules/wireguard.nix @@ -0,0 +1,43 @@ +{config, ...}: let + address = [ + "10.0.0.2/32" + ]; + peer = { + endpoint = "lel.lol:51820"; + publicKey = "t/jR2/0hxBXG0Ytah2w5RQ1gn94k0/Ku9LYcbRR7pXo="; + presharedKeyFile = config.rekey.secrets.wireguard-pre.path; + }; + privateKeyFile = config.rekey.secrets.wireguard-priv.path; +in { + rekey.secrets = { + wireguard-pre.file = ../secrets/wireguard/elisabeth-pre.wg.age; + wireguard-priv.file = ../secrets/wireguard/elisabeth-priv.wg.age; + }; + + networking.wg-quick.interfaces = { + wg-intern = { + inherit address privateKeyFile; + peers = [ + (peer + // { + allowedIPs = [ + "10.0.0.1/32" + ]; + }) + ]; + }; + wg-all = { + inherit address privateKeyFile; + peers = [ + (peer + // { + allowedIPs = [ + "0.0.0.0/0" + "::/0" + ]; + }) + ]; + autostart = false; + }; + }; +} diff --git a/secrets/test.age b/secrets/test.age deleted file mode 100644 index d8f5f7f..0000000 --- a/secrets/test.age +++ /dev/null @@ -1,12 +0,0 @@ -age-encryption.org/v1 --> X25519 6PjX+qZyPYWTisaNUryJ12t/CEOrfLd+K1/wyKGFixM -S5IV+M+l5LleLoXM3SUDioBCJiaHcwZslERVj5L0ygE --> piv-p256 XTQkUA A1py15wjDt5uwgw2/s2/ueM2JMcT4RFMa+5fx+d2UhG8 -xIdD5DNoxvu3T0873Qv2hl9rHatWi4GhAGcWT/cxNE8 --> piv-p256 ZFgiIw AsSMYe/35S/b3kTqriw9Ur2eg2iB8dDSt4qtFzbMqTMz -WnBSoehEmLtX9SEawmQIxsV8dReZPJRNq5oSLH6UWSU --> bHCG/L-grease -|u -77tuo6s/XdK97pc73YTUh/OShs4jX/01ODcQT/80LaoCI0bt+yVBIOwNPrLwHVIV -iiqROaIIp+mRDQj6JUB7hlaPoiNJcfO6ozA ---- 7W4CK2idSDKwMlYi/FmPZVLPZZKv+5nyp0mpysWXork -H\bwўug+uU+т?\)) W6}'QH/'> \ No newline at end of file diff --git a/secrets/wireguard/elisabeth-pre.wg.age b/secrets/wireguard/elisabeth-pre.wg.age new file mode 100644 index 0000000..df3e233 Binary files /dev/null and b/secrets/wireguard/elisabeth-pre.wg.age differ diff --git a/secrets/wireguard/elisabeth-priv.wg.age b/secrets/wireguard/elisabeth-priv.wg.age new file mode 100644 index 0000000..78048a5 Binary files /dev/null and b/secrets/wireguard/elisabeth-priv.wg.age differ diff --git a/users/common/programs/thunderbird.nix b/users/common/programs/thunderbird.nix new file mode 100644 index 0000000..c34966f --- /dev/null +++ b/users/common/programs/thunderbird.nix @@ -0,0 +1,5 @@ +{pkgs, ...}: { + programs.thunderbird = { + enable = true; + }; +} diff --git a/users/common/touchscreen.nix b/users/common/touchscreen.nix index 7c91e1b..c18541f 100644 --- a/users/common/touchscreen.nix +++ b/users/common/touchscreen.nix @@ -4,6 +4,7 @@ # with udev and X11 we truly do not live in an ideal world fix = pkgs.writeShellScriptBin "fix-shit" '' xinput --map-to-output "ELAN2514:00 04F3:2817" eDP-1 + xinput --map-to-output "ELAN2514:00 04F3:2817 Stylus Pen (0)" eDP-1 ''; in { home.packages = [fix]; diff --git a/users/patrick.nix b/users/patrick.nix index 3f423e6..7dd12f5 100644 --- a/users/patrick.nix +++ b/users/patrick.nix @@ -10,6 +10,7 @@ common/programs/polybar.nix common/programs/rofi.nix common/touchscreen.nix + #common/programs/thunderbird.nix #common/touchegg.nix ];