From c672a9d511920dd74d6a6082fa8775a934f07acd Mon Sep 17 00:00:00 2001
From: cnst <adam@cnst.dev>
Date: Sun, 20 Jul 2025 15:49:47 +0200
Subject: [PATCH] secrets 3

---
 hosts/sobotka/default.nix | 33 ++++++++++++++++-----------------
 hosts/sobotka/server.nix  |  2 +-
 2 files changed, 17 insertions(+), 18 deletions(-)

diff --git a/hosts/sobotka/default.nix b/hosts/sobotka/default.nix
index a3e07253..a966a207 100644
--- a/hosts/sobotka/default.nix
+++ b/hosts/sobotka/default.nix
@@ -44,23 +44,22 @@ in {
   networking = {
     hostName = "sobotka";
     domain = "cnst.dev";
-    # wireguard = {
-    #   interfaces.wg0 = {
-    #     ips = [
-    #       "127.0.0.1/8"
-    #     ];
-    #     peers = [
-    #       {
-    #         allowedIPs = [
-    #           "192.168.88.13/24"
-    #         ];
-    #         # endpoint = "demo.wireguard.io:12913";
-    #         publicKey = "cUeRvwTwrL5GRc4dHjea89RJSa1kh4kIA/sHYzmscyQ=";
-    #       }
-    #     ];
-    #     privateKeyFile = config.age.secrets.wgSobotkaPrivateKey.path;
-    #   };
-    # };
+    firewall.allowedUDPPorts = [51820];
+    wireguard = {
+      interfaces.wg1 = {
+        ips = [
+          "127.0.0.1/8"
+        ];
+        peers = [
+          {
+            name = "kima";
+            allowedIPs = ["192.168.88.13/24"];
+            publicKey = "cUeRvwTwrL5GRc4dHjea89RJSa1kh4kIA/sHYzmscyQ=";
+          }
+        ];
+        privateKeyFile = config.age.secrets.wgSobotkaPrivateKey.path;
+      };
+    };
   };
 
   powerManagement.enable = false;
diff --git a/hosts/sobotka/server.nix b/hosts/sobotka/server.nix
index 1bb4d321..e32de12f 100644
--- a/hosts/sobotka/server.nix
+++ b/hosts/sobotka/server.nix
@@ -31,7 +31,7 @@
     deluge.enable = true;
     wireguard-netns = {
       enable = true;
-      namespace = "vpn2";
+      namespace = "vpn";
       configFile = config.age.secrets.wgCredentials.path;
       privateIP = "10.68.145.193";
       dnsIP = "10.64.0.1";