feat(harbor): add wg server

2025-04-23 00:31:20 +02:00 · 2025-04-23 00:31:20 +02:00 · cd2bbd09f4
commit cd2bbd09f4
parent 99e902a08d
1 changed files with 9 additions and 1 deletions
--- a/hosts/harbor/configuration.nix
+++ b/hosts/harbor/configuration.nix
@ -5,8 +5,9 @@
 }: {
  imports = [
    ./hardware-configuration.nix
-    ../../modules/services/nextcloud-instance.nix
+    ../../modules/networking/wireguard
    ../../modules/services/borg-server.nix
+    ../../modules/services/nextcloud-instance.nix
  ];

  # Secret management
@ -16,6 +17,10 @@
    owner = "nextcloud";
    key = "admin-pass";
  };
+  sops.secrets."wg-priv" = {
+    sopsFile = ../../secrets/harbor/wg.yaml;
+    key = "privateKey";
+  };

  # Configure nix and garbage collection
  nix = {
@ -56,6 +61,9 @@
  services.borg-server.enable = true;
  services.borg-server.repositories.comfy-station.ssh_public_key = builtins.readFile (../../static/keys + "/borg-jonas@comfy-station.pub");

+  networking.wg.server.enable = true;
+  networking.wg.server.privateKey = config.sops.secrets.wg-priv.path;
+
  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;