diff options
Diffstat (limited to 'deployment/services/vpn.scm')
| -rw-r--r-- | deployment/services/vpn.scm | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/deployment/services/vpn.scm b/deployment/services/vpn.scm new file mode 100644 index 0000000..5cf58d8 --- /dev/null +++ b/deployment/services/vpn.scm @@ -0,0 +1,79 @@ +;;; SPDX-License-Identifier: GPL-3.0-or-later +;;; SPDX-FileCopyrightText: 2026 Marek Paśnikowski <marek@marekpasnikowski.pl> + +;;; COPYRIGHT NOTICE +;;; +;;; Copyright 2026, Marek Paśnikowski <marek@marekpasnikowski.pl> + +;;; LICENSE NOTICE +;;; +;;; This library is free software: you can redistribute it and/or modify it under the terms of +;;; the GNU General Public License as published by the Free Software Foundation, +;;; either version 3 of the License, or (at your option) any later version. +;;; +;;; This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; +;;; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +;;; See the GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License along with this library. +;;; If not, see <https://www.gnu.org/licenses/>. + +(define-module (deployment services vpn) + #:export (wireguard-service-aisaka + wireguard-service-giewont + wireguard-service-rakan) + #:use-module (gnu services) + #:use-module (gnu services vpn) + #:use-module (sovereign services vpn) + #:use-module ((deployment services dns) + #:prefix deployment:services:dns:)) + +(define wireguard-peer-aisaka + (wireguard-peer + (inherit %wireguard-peer) + (name "aisaka") + (endpoint deployment:services:dns:wireguard-endpoint) + (public-key "7B6fgIKVZs6DWN3hdDGlYI8XpvHWGCjZKh6kbY/KKg8="))) + +(define wireguard-peer-giewont + (wireguard-peer + (inherit %wireguard-peer) + (name "giewont") + (public-key "/XsuEpAHX1iEc5abcmY9sYTx8qETAuSLjEmx5ekqfwM=") + (allowed-ips (list "10.0.0.2/32")))) + +(define wireguard-peer-rakan + (wireguard-peer + (inherit %wireguard-peer) + (name "rakan") + (public-key "vOEJivgw9C7wZwYX3Kiqw3Ycl6wErr8N9z3BmkhF0Us=") + (allowed-ips (list "10.0.0.3/32")))) + +(define wireguard-configuration-aisaka + (wireguard-configuration + (inherit %wireguard-configuration) + (peers (list wireguard-peer-giewont + wireguard-peer-rakan)))) + +(define wireguard-configuration-giewont + (wireguard-configuration + (inherit %wireguard-configuration) + (addresses (list "10.0.0.2/24")) + (peers (list wireguard-peer-aisaka)))) + +(define wireguard-configuration-rakan + (wireguard-configuration + (inherit %wireguard-configuration) + (addresses (list "10.0.0.3/24")) + (peers (list wireguard-peer-aisaka)))) + +(define wireguard-service-aisaka + (wireguard-service wireguard-configuration-aisaka)) + +(define wireguard-service-giewont + (wireguard-service wireguard-configuration-giewont)) + +(define wireguard-service-rakan + (wireguard-service wireguard-configuration-rakan)) + +;;; EOF |