From 6e361b197c835af8beb0d69bae4be29643d4d9d8 Mon Sep 17 00:00:00 2001
From: 0xWheatyz <wyatt@leeworks.dev>
Date: Wed, 15 Apr 2026 18:40:53 -0400
Subject: [PATCH] feat(wireguard): update wg0 config to match
 ClusterVPN-Nixos.conf

- Address: 10.0.1.66/28 -> 10.0.1.67/32
- Add DNS 10.0.1.65
- AllowedIPs: restricted subnets -> 0.0.0.0/0 (full tunnel)
---
 configuration.nix | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/configuration.nix b/configuration.nix
index 2d1dedf..915eff0 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -176,13 +176,14 @@
 
   # WireGuard VPN
   networking.wg-quick.interfaces.wg0 = {
-    address = [ "10.0.1.66/28" ];
+    address = [ "10.0.1.67/32" ];
+    dns = [ "10.0.1.65" ];
     privateKeyFile = "/etc/wireguard/private.key";
 
     peers = [{
       publicKey = "VEpzr/CeGdS6Wsy0NDDfmlB/bCYxS55A155HWGCIIzc=";
       endpoint = "vpn.leeworks.dev:51820";
-      allowedIPs = [ "192.168.1.0/24" "10.0.0.0/24" "10.0.1.0/26" ];
+      allowedIPs = [ "0.0.0.0/0" ];
       persistentKeepalive = 25;
     }];
   };