feat: add wireguard configuration

hosts/dekomori/config.nix

@@ -3,5 +3,6 @@
     type = "server";
     archisteamfarm.enable = true;
     boot.mode = "legacy";
+    wireguard.enable = true;
   };
 }

hosts/dekomori/secrets.nix

@@ -1,5 +1,5 @@
 {
-	"data": "ENC[AES256_GCM,data:NwxCohtXJ3TqGETzAJ6JhugeM6/lAD0E6i4yBg5Y7elvkfbkcQA7qie3wHIDAZdWUrbaZoexMnZKPFzCncsdF5K15K0p986N8R0gMllBHxzQO8/smIGf2rY8LLAwR5zu67fERVFKBb82GQTmxLdluE55/Mdocz3aTZf9UvMzFjEb5PHmCrJPWDyWadLy/qJ8rGKzW25TYVmzkdNVH7OomEW0Ty2YjrXezfsIXtNLz9TMeL2fT/SCOULbn9h9PGvCVXgRD4mvaI0yPeXK4lmxAfOrGbpN/k+jcbMg40Xbr0L5J1dV9FwugnIIMRNLXA8RoDxh26ij2ICknN6i879Gmyc2FOVGCRNl2c9r8feRxFue1Hhx5RVMjJglHNryvFCETizxvTklb8BhhDYruKMKsMNNlvKiMmqC3uxFXk9T780HcIPI/dCx86KlkarOdvqTcNHn+MSOr4l6Grc7bPAkUoYdT84Q8Zp2iW05sXO+KkaswiEJAErUEpjpZzmDk9Ffplr1FPqINBJrRiYCNrFbkEVQhHmv6sFWr966TrhL7ZRmftCiw34zRT0wOv3uJeg8,iv:yWShiBSmUqGIn0K07KlW8qbAQBmx3wP4Ucomc1Hij7Y=,tag:FepmSSE9pq3FBvxnRs6Y7Q==,type:str]",
+	"data": "ENC[AES256_GCM,data:xvJkQts8MMHL82YbQcE9KJTF5iPibY77XA7hg7sKaCuhK5YvReRludXhFAl/yMWMn+z8lrEW25PbLhh8egxZOnt4Cis4D2ooy4qPHJeZO8jGWUnV2PGaM1CPJyc0PnD7I57z61MXL9p/u5DbdgHGW4/fGJxmSRF6y+j23pkt+ftbz/sCvYjHFFK8wYjH1ysjJxwi5gMEjpkEJlnrtDNBGunBOQ8Xz2znDV0Dy0X0j7qH2FDctuNJI0sDg2b8vCD1Ko2Ro/+CMxV19WoTijfXgEcqpTbdXZ4XrEhq4EuUinIaHtm2jQnhFNIebJJ6G3n5Awg2nEVpJOnLdWheNkbkG7nOJKTIfPkJv8gUTCuDJsTY2aUKQvop+l+Zpz9y2rf4zYlw0lSA2dWNot4DgVteg8izmH5w0oc8EmsMoRUkMnFgQ82HQTwKFYlrtCAyTwAcI2DzfxWZAzHgpqVRfWRKsroMNKQwxqp8Km/fRSUIR0iqDnhHULTMena+UzXtDJGpaxu6KTA1wtdp3BMdgKExRsch6fmy8ekiArL1FiRWoO+d42M/eTuaZsvIdXLHiVnQ,iv:HrVkTfcwxTAHJG+oHWiVP8WQd6NgiC2ggMTUjAzqYn8=,tag:cToAkZPArG4CR290eWtd0A==,type:str]",
 	"sops": {
 		"kms": null,
 		"gcp_kms": null,
@@ -11,8 +11,8 @@
 				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGYjg5S0RsVUlBQngvQ2Rt\nZ2R4cW1sMHl0WWJoaTdKb1ppL0JhQ1hoTkQwClRmaW1pc25NODNLZ25XWGc5MlZE\nVG1zUmNSTTdLQmU3UFpSOXo0dCtwejQKLS0tIGZZUDlSbTdBSkcrOEQyU2JjOGRh\nOUN4VWRrRkpsK3B6aW9KY25uaGJZWE0K4DpDEQA/Re3AzCJK8xOY13MZC0L8PxWc\nodj2afo/uToZPZKpAyhudsRO5/O7xCD4RVaoNVmkS7Mz/P7LjHrUTg==\n-----END AGE ENCRYPTED FILE-----\n"
 			}
 		],
-		"lastmodified": "2023-12-28T19:32:46Z",
-		"mac": "ENC[AES256_GCM,data:56GYFdOurMjsjALZTLDYPsUTpwptW7Gsv/jq0T0d2D34DkHWSoTTgfKMhtbBaFldyjRV8RmLFiGfS+j4swi4jxCghS24He194Cvrj+dikjLvpRc+JBgdYQUl/mn45mHVvrzkFrM9XzVF7ebFqJjmN/SSuf++VSLQqnBDnQbwrHg=,iv:5cdPW+tU+6of8Ix9rC/ry7cS4C6sBz0qaEemJVNLGEs=,tag:6tCaHlD8Vx7roHOg52AAyQ==,type:str]",
+		"lastmodified": "2023-12-29T07:50:33Z",
+		"mac": "ENC[AES256_GCM,data:TLnhEXtzaN9hQ9sj8bI/z1KXEqUvXaXPQ6CE2SMC0uD+lXA5GXghtjD7s4u+G92/qBxHvyPqO+AZS91orrq1dYkZope6rIRIGPUp4OIougBgC91Nzo9kI0bE5+UPI6dEUheE/2FJzsVE8kaf1FOiMKQXTjcz5oxF+n8a/e9wnjA=,iv:pGN57/UDV+YptpAiBSd/f8FW4s0KZpERJg8P1F2L7ts=,tag:ZJnfnG7FylBbdpwn1hrtKg==,type:str]",
 		"pgp": null,
 		"unencrypted_suffix": "_unencrypted",
 		"version": "3.7.3"

hosts/dekomori/shared.nix

@@ -1,4 +1,28 @@
-{...}: {
+{secrets, ...}: {
   yunfachi = {
+    wireguard = {
+      server = {
+        ip = secrets.yunfachi.wireguard.server.ip;
+        port = secrets.yunfachi.wireguard.server.port;
+        interface = "ens3";
+        tunnel = "10.0.0.1";
+        publicKey = secrets.yunfachi.wireguard.server.publicKey;
+      };
+
+      clients = {
+        "a52" = {
+          ip = "10.0.0.101";
+          publicKey = secrets.yunfachi.wireguard.clients."a52".publicKey;
+        };
+        "p11" = {
+          ip = "10.0.0.102";
+          publicKey = secrets.yunfachi.wireguard.clients."p11".publicKey;
+        };
+        "t12" = {
+          ip = "10.0.0.103";
+          publicKey = secrets.yunfachi.wireguard.clients."t12".publicKey;
+        };
+      };
+    };
   };
 }

hosts/mitama/shared.nix

@@ -1,4 +1,12 @@
-{...}: {
+{
+  host,
+  secrets,
+  ...
+}: {
   yunfachi = {
+    wireguard.clients."${host}" = {
+      ip = "10.0.0.2";
+      publicKey = secrets.yunfachi.wireguard.clients."${host}".publicKey;
+    };
   };
 }