From 6044c4e063fa49a435c4ee034e0007bb7f75ed00 Mon Sep 17 00:00:00 2001
From: biscuit <biscuit@nixos.com>
Date: Tue, 20 May 2025 11:28:28 -0500
Subject: [PATCH] added vpn

---
 modules/misc.nix                |  5 +++++
 nixos/biscuit/configuration.nix |  1 +
 system/networking.nix           |  4 ++--
 system/vpn.nix                  | 18 ++++++++++++++++++
 4 files changed, 26 insertions(+), 2 deletions(-)
 create mode 100644 modules/misc.nix
 create mode 100644 system/vpn.nix

diff --git a/modules/misc.nix b/modules/misc.nix
new file mode 100644
index 0000000..ca1709b
--- /dev/null
+++ b/modules/misc.nix
@@ -0,0 +1,5 @@
+{...}: {
+  imports = [
+    ../system/vpn.nix
+  ];
+}
diff --git a/nixos/biscuit/configuration.nix b/nixos/biscuit/configuration.nix
index 949405d..77af307 100644
--- a/nixos/biscuit/configuration.nix
+++ b/nixos/biscuit/configuration.nix
@@ -9,6 +9,7 @@
     ./hardware-configuration.nix
     ../../modules/system.nix
     ../../modules/xserver.nix
+    ../../modules/misc.nix
   ];
 
   environment.systemPackages = with pkgs; [
diff --git a/system/networking.nix b/system/networking.nix
index b0fe754..396088d 100644
--- a/system/networking.nix
+++ b/system/networking.nix
@@ -1,6 +1,6 @@
-{ ... }: {
+{pkgs, ...}: {
   networking.hostName = "nixos";
   # Pick only one of the below networking options.
   # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
-  networking.networkmanager.enable = true;  # Easiest to use and most distros use this by default.
+  networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
 }
diff --git a/system/vpn.nix b/system/vpn.nix
new file mode 100644
index 0000000..9d1dee8
--- /dev/null
+++ b/system/vpn.nix
@@ -0,0 +1,18 @@
+{...}: {
+  networking.wireguard.interfaces = {
+    biscuit-default = {
+      ips = ["10.2.0.2/32"];
+      listenPort = 51820;
+      privateKeyFile = "/home/biscuit/Wireguard/secret";
+      dns = ["10.2.0.1"];
+      peers = [
+        {
+          publicKey = "KkUoHrIzkuQ4msZulqCFyRC1Gqcx8oMgbDFRn8wW1X8=";
+          allowedIPs = ["0.0.0.0/0"];
+          endpoint = "95.173.221.65:51820";
+          persistentKeepAlive = 25;
+        }
+      ];
+    };
+  };
+}