reNixos/s0melapt0p-nix/services/yggdrasil.nix

{config, ...}: {
    services = {
        yggdrasil = {
            enable = true;
            persistentKeys = false;
            settings = {
                PrivateKey = config.sops.secrets.yggKeyLT.path;

                Peers = [
                    # only 1W+ peers (some exeptions are possible)

                    # Russia
                    "tls://yggno.de:18227"
                    "tcp://yggno.de:18226"

                    "tcp://kzn1.neonxp.ru:7991"
                    "tls://kzn1.neonxp.ru:7992"
                    "ws://kzn1.neonxp.ru:7993"
                    "quic://kzn1.neonxp.ru:7994"
                ];

                Listen = [
                    #
                ];

                MulticastInterfaces = [
                    {
                        Regex = ".*";
                        Beacon = true;
                        Listen = false;
                        Password = "";
                    }
                ];

                AllowedPublicKeys = [
                    #
                ];

                IfName = "auto";

                IfMTU = 65535;
                NodeInfoPrivacy = false;
            };
        };
    };
}