From cd2bbd09f42bc9c8bc7bde5046dd815537032d86 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20R=C3=B6ger?= <jonas.roeger@tu-dortmund.de>
Date: Wed, 23 Apr 2025 00:31:20 +0200
Subject: [PATCH] feat(harbor): add wg server

---
 hosts/harbor/configuration.nix | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/hosts/harbor/configuration.nix b/hosts/harbor/configuration.nix
index 571dda3..0891c8f 100644
--- a/hosts/harbor/configuration.nix
+++ b/hosts/harbor/configuration.nix
@@ -5,8 +5,9 @@
 }: {
   imports = [
     ./hardware-configuration.nix
-    ../../modules/services/nextcloud-instance.nix
+    ../../modules/networking/wireguard
     ../../modules/services/borg-server.nix
+    ../../modules/services/nextcloud-instance.nix
   ];
 
   # Secret management
@@ -16,6 +17,10 @@
     owner = "nextcloud";
     key = "admin-pass";
   };
+  sops.secrets."wg-priv" = {
+    sopsFile = ../../secrets/harbor/wg.yaml;
+    key = "privateKey";
+  };
 
   # Configure nix and garbage collection
   nix = {
@@ -56,6 +61,9 @@
   services.borg-server.enable = true;
   services.borg-server.repositories.comfy-station.ssh_public_key = builtins.readFile (../../static/keys + "/borg-jonas@comfy-station.pub");
 
+  networking.wg.server.enable = true;
+  networking.wg.server.privateKey = config.sops.secrets.wg-priv.path;
+
   # Allow unfree packages
   nixpkgs.config.allowUnfree = true;