add staging maschine to wireguard

flake.nix

@@ -142,7 +142,6 @@
         data-hoarder-modules = [
           ./modules/data-accumulator.nix
           ./modules/nginx.nix
-          ./modules/wireguard_server.nix
           ./modules/public_api.nix
           ./modules/map.nix
           ./modules/file_sharing.nix
@@ -189,6 +188,7 @@
             specialArgs = { inherit inputs; };
             modules = ([
               ./hosts/data-hoarder/configuration.nix
+              ./modules/wireguard_server.nix
             ] ++ data-hoarder-modules);
           };
           staging-data-hoarder = nixpkgs.lib.nixosSystem {
@@ -196,6 +196,7 @@
             specialArgs = { inherit inputs; };
             modules = ([
               ./hosts/staging/configuration.nix
+              ./modules/wireguard_staging.nix
               microvm.nixosModules.microvm
             ] ++ data-hoarder-modules);
           };

modules/wireguard_server.nix

@@ -22,6 +22,12 @@
           allowedIPs = [ "10.13.37.3/32" ];
           persistentKeepalive = 25;
         }
+        # data hoarder staging
+        {
+          publicKey = "sDiukhk4m+efHc/i1brao0ztnOM1ZipmgTmg8q9kZGQ=";
+          allowedIPs = [ "10.13.37.5/32" ];
+          persistentKeepalive = 25;
+        }
         {
           # traffic-stop-box-0
           publicKey = "qyStvzZdoqcjJJQckw4ZwvsQUa+8TBWtnsRxURqanno=";

modules/wireguard_staging.nix

@@ -0,0 +1,21 @@
+{ config, pkgs, ... }:
+
+{
+  networking.firewall.allowedUDPPorts = [ 51820 ];
+
+  networking.wg-quick.interfaces.wg-dvb = {
+    address = [ "10.13.37.5/32" ];
+    privateKeyFile = "/root/wg-seckey";
+    postUp = ''
+      ${pkgs.iputils}/bin/ping -c 10 10.13.37.1 || true
+    '';
+
+    peers = [{
+      publicKey = "WDvCObJ0WgCCZ0ORV2q4sdXblBd8pOPZBmeWr97yphY=";
+      allowedIPs = [ "10.13.37.0/24" ];
+      endpoint = "academicstrokes.com:51820";
+      persistentKeepalive = 25;
+    }];
+
+  };
+}