From 3ea05e0d89187a65384447e39f08ac80c28faef7 Mon Sep 17 00:00:00 2001 From: Julien Malka Date: Sat, 26 Feb 2022 23:50:06 +0100 Subject: [PATCH] Added macintosh to vpn --- machines/macintosh/default.nix | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/machines/macintosh/default.nix b/machines/macintosh/default.nix index 2482d65..e80358e 100644 --- a/machines/macintosh/default.nix +++ b/machines/macintosh/default.nix @@ -15,6 +15,7 @@ networking.hostName = "macintosh"; networking.networkmanager.enable = true; + sound.enable = true; hardware.pulseaudio.enable = true; hardware.pulseaudio.support32Bit = true; @@ -47,6 +48,35 @@ programs.dconf.enable = true; system.stateVersion = "21.11"; + networking.firewall.allowedUDPPorts = [ 51820 ]; + + networking.nameservers = lib.mkForce [ "10.100.0.2" ]; + networking.networkmanager.insertNameservers = [ "10.100.0.2" ]; + networking.resolvconf.dnsExtensionMechanism = false; + environment.etc."resolv.conf" = with lib; with pkgs; { + source = writeText "resolv.conf" '' + ${concatStringsSep "\n" (map (ns: "nameserver ${ns}") config.networking.nameservers)} + options edns0 + ''; + }; + + networking.wireguard.interfaces = { + wg0 = { + ips = [ "10.100.0.9/24" ]; + listenPort = 51820; + privateKeyFile = "/root/wireguard-keys/private"; + + peers = [ + { + allowedIPs = [ "10.100.0.0/24" ]; + publicKey = "hz+h9Oque5h+Y/WzOUnai3e9UfIfDsvtqmQH0xycIzs="; + endpoint = "212.129.40.11:51820"; + persistentKeepalive = 25; + } + ]; + }; + }; + }
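Review bot: `networking.firewall.allowedUDPPorts = [ 51820 ];` in the second hunk opens the WireGuard port on every interface, yet the only peer under `wg0` has a fixed `endpoint` and `persistentKeepalive = 25`, so this host initiates the tunnel and the replies should already be accepted as established traffic. Unless the server or another peer has to reach this machine first, I would drop that line (and `listenPort` with it); NetworkManager is enabled, so the machine presumably roams between networks and would otherwise keep an inbound UDP port open on each of them. Separately, the hunk sets `networking.resolvconf.dnsExtensionMechanism = false` and then hand-writes a `resolv.conf` containing `options edns0`, which contradict each other; keep one and add a comment saying which behaviour is intended. With the resolver forced to `10.100.0.2`, name resolution also depends on the tunnel being up, which deserves a comment such as `# DNS is only reachable through wg0; no fallback resolver by design`.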