fixed vps config

.gitsecret/paths/mapping.cfg

@@ -1 +1 @@
-configs/secrets.nix:259586563a3c51652650618e0cc26aaee07b482ea801e2a1641d24510446bf50
+configs/secrets.nix:a83d724b6fe99623ff5a9e649a30227c3c199d302b10dce75db8ab3f3271d7f8

machine/vps.nix

@@ -1,6 +1,6 @@
 { config, lib, pkgs, ... }:
 let
-  secrets = import ./secrets.nix;
+  secrets = import ../configs/secrets.nix;
 in
 {
   imports =
@@ -24,21 +24,22 @@ in
     useDHCP = false;
     interfaces.ens3.useDHCP = true;
     wireguard.interfaces = {
-    wg0 = {
+      wg0 = {
-      ips = [ "10.100.0.1/24" ];
+        ips = [ "10.100.0.1/24" ];
-      listenPort = 51820;
+        listenPort = 51820;
-      postSetup = ''
+        postSetup = ''
-        ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o ens3 -j MASQUERADE
+          ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o ens3 -j MASQUERADE
-      '';
+        '';
-      postShutdown = ''
+        postShutdown = ''
-        ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o ens3 -j MASQUERADE
+          ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o ens3 -j MASQUERADE
-      '';
+        '';
-      privateKey = secrets.wireguard-vps-private;
+        privateKey = secrets.wireguard-vps-private;
-      peers = [{
+        peers = [{
-        publicKey = secrets.wireguard-desktop-public;
+          publicKey = secrets.wireguard-desktop-public;
-        presharedKey = secrets.wireguard-preshared;
+          presharedKey = secrets.wireguard-preshared;
-        allowedIPs = [ "10.100.0.2/32" ];
+          allowedIPs = [ "10.100.0.2/32" ];
-      }];
+        }];
+      };
     };
 
     nat = {
@@ -127,4 +128,3 @@ in
 
   system.stateVersion = "21.05";
 }
-