diff options
| author | Marek Paśnikowski <marek@marekpasnikowski.pl> | 2026-06-05 11:36:42 +0200 |
|---|---|---|
| committer | Marek Paśnikowski <marek@marekpasnikowski.pl> | 2026-06-05 18:49:26 +0200 |
| commit | f8b5be881f3e36fd26115af57009fe750a588ce2 (patch) | |
| tree | b2851354b5e8573771ad3ddf55ad4b7c9ef544ef /deployment/services/vpn.scm | |
| parent | 6ef001ead1cd7473ee2c9c7520696c3b0deddb51 (diff) | |
(services): add initial deployment of Wireguard VPNtest
Diffstat (limited to 'deployment/services/vpn.scm')
| -rw-r--r-- | deployment/services/vpn.scm | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/deployment/services/vpn.scm b/deployment/services/vpn.scm new file mode 100644 index 0000000..5cf58d8 --- /dev/null +++ b/deployment/services/vpn.scm @@ -0,0 +1,79 @@ +;;; SPDX-License-Identifier: GPL-3.0-or-later +;;; SPDX-FileCopyrightText: 2026 Marek Paśnikowski <marek@marekpasnikowski.pl> + +;;; COPYRIGHT NOTICE +;;; +;;; Copyright 2026, Marek Paśnikowski <marek@marekpasnikowski.pl> + +;;; LICENSE NOTICE +;;; +;;; This library is free software: you can redistribute it and/or modify it under the terms of +;;; the GNU General Public License as published by the Free Software Foundation, +;;; either version 3 of the License, or (at your option) any later version. +;;; +;;; This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; +;;; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +;;; See the GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License along with this library. +;;; If not, see <https://www.gnu.org/licenses/>. + +(define-module (deployment services vpn) + #:export (wireguard-service-aisaka + wireguard-service-giewont + wireguard-service-rakan) + #:use-module (gnu services) + #:use-module (gnu services vpn) + #:use-module (sovereign services vpn) + #:use-module ((deployment services dns) + #:prefix deployment:services:dns:)) + +(define wireguard-peer-aisaka + (wireguard-peer + (inherit %wireguard-peer) + (name "aisaka") + (endpoint deployment:services:dns:wireguard-endpoint) + (public-key "7B6fgIKVZs6DWN3hdDGlYI8XpvHWGCjZKh6kbY/KKg8="))) + +(define wireguard-peer-giewont + (wireguard-peer + (inherit %wireguard-peer) + (name "giewont") + (public-key "/XsuEpAHX1iEc5abcmY9sYTx8qETAuSLjEmx5ekqfwM=") + (allowed-ips (list "10.0.0.2/32")))) + +(define wireguard-peer-rakan + (wireguard-peer + (inherit %wireguard-peer) + (name "rakan") + (public-key "vOEJivgw9C7wZwYX3Kiqw3Ycl6wErr8N9z3BmkhF0Us=") + (allowed-ips (list "10.0.0.3/32")))) + +(define wireguard-configuration-aisaka + (wireguard-configuration + (inherit %wireguard-configuration) + (peers (list wireguard-peer-giewont + wireguard-peer-rakan)))) + +(define wireguard-configuration-giewont + (wireguard-configuration + (inherit %wireguard-configuration) + (addresses (list "10.0.0.2/24")) + (peers (list wireguard-peer-aisaka)))) + +(define wireguard-configuration-rakan + (wireguard-configuration + (inherit %wireguard-configuration) + (addresses (list "10.0.0.3/24")) + (peers (list wireguard-peer-aisaka)))) + +(define wireguard-service-aisaka + (wireguard-service wireguard-configuration-aisaka)) + +(define wireguard-service-giewont + (wireguard-service wireguard-configuration-giewont)) + +(define wireguard-service-rakan + (wireguard-service wireguard-configuration-rakan)) + +;;; EOF |