From 1ca8cc8c57d606eb94b665af4b85f63138701476 Mon Sep 17 00:00:00 2001
From: 0xWheatyz <wyatt@leeworks.dev>
Date: Sat, 4 Apr 2026 01:53:45 -0400
Subject: [PATCH] feat(wireguard): add wg-quick VPN client configuration

Connect to home network VPN via vpn.leeworks.dev with wg0 interface
on the 10.0.1.64/28 subnet. Private key loaded from /etc/wireguard/private.key.
---
 configuration.nix | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/configuration.nix b/configuration.nix
index b842f08..252adb5 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -174,6 +174,19 @@
   };
   
 
+  # WireGuard VPN
+  networking.wg-quick.interfaces.wg0 = {
+    address = [ "10.0.1.66/28" ];
+    privateKeyFile = "/etc/wireguard/private.key";
+
+    peers = [{
+      publicKey = "VEpzr/CeGdS6Wsy0NDDfmlB/bCYxS55A155HWGCIIzc=";
+      endpoint = "vpn.leeworks.dev:51820";
+      allowedIPs = [ "10.0.1.64/28" ];
+      persistentKeepalive = 25;
+    }];
+  };
+
   services.tailscale = {
     enable = true;
     useRoutingFeatures = "client";  # or "both" for subnet routing