From 9e1e8410c316758b6db87a86a2c0ccc6b38c445c Mon Sep 17 00:00:00 2001
From: Sean Buckley <sean.bck@gmail.com>
Date: Wed, 11 May 2022 11:50:52 -0400
Subject: [PATCH] add wireguard VPN

---
 hosts/hp/default.nix    |  1 +
 hosts/lenny/default.nix |  1 +
 modules/wg-home.nix     | 18 ++++++++++++++++++
 3 files changed, 20 insertions(+)
 create mode 100644 modules/wg-home.nix

diff --git a/hosts/hp/default.nix b/hosts/hp/default.nix
index e53df3e..3a22a9e 100644
--- a/hosts/hp/default.nix
+++ b/hosts/hp/default.nix
@@ -24,6 +24,7 @@
     gnome = true;
     profile = "desktop";
     horizon.enable = true;
+    wg-home.enable = true;
   };
 
   boot = {
diff --git a/hosts/lenny/default.nix b/hosts/lenny/default.nix
index 4e083e4..49867d4 100644
--- a/hosts/lenny/default.nix
+++ b/hosts/lenny/default.nix
@@ -24,6 +24,7 @@
     gnome = true;
     profile = "desktop";
     horizon.enable = true;
+    wg-home.enable = true;
   };
 
   zramSwap.memoryPercent = 100;
diff --git a/modules/wg-home.nix b/modules/wg-home.nix
new file mode 100644
index 0000000..232c706
--- /dev/null
+++ b/modules/wg-home.nix
@@ -0,0 +1,18 @@
+{ config, lib, pkgs, ... }:
+{
+  options.sconfig.wg-home.enable = lib.mkEnableOption "set up home VPN";
+
+  config = lib.mkIf config.sconfig.wg-home.enable {
+    systemd.services.wg-home = {
+      script = "wg-quick up /nix/persist/wireguard_home.conf";
+      preStop = "wg-quick down /nix/persist/wireguard_home.conf";
+      path = [ pkgs.wireguard-tools ];
+      serviceConfig = {
+        type = "oneshot";
+        RemainAfterExit = true;
+      };
+    };
+    boot.kernelModules = [ "wireguard" ];
+    environment.systemPackages = [ pkgs.wireguard-tools ];
+  };
+}