nixos-config/machines/cherry/network-wireguard-wg1.nix

{ pkgs, config, ... }:
{
  clan.core.facts.services.wg1 = {
    secret."wg1.conf" = { };
    generator = {
      # I download the config from my fritz.box
      # cat wg_config.conf | pass insert -m machiens/<name>/wg1.conf
      prompt = "please enter the wg1.conf";
      path = with pkgs; [ coreutils ];
      script = ''
        echo "$prompt_value" > "$secrets"/wg1.conf
      '';
    };
  };
  home-manager.users.root.home.packages = [
    (pkgs.writers.writeBashBin "wg1-up" ''
      ${pkgs.wireguard-tools}/bin/wg-quick up ${
        config.clan.core.facts.services.wg1.secret."wg1.conf".path
      }
    '')
    (pkgs.writers.writeBashBin "wg1-down" ''
      ${pkgs.wireguard-tools}/bin/wg-quick down ${
        config.clan.core.facts.services.wg1.secret."wg1.conf".path
      }
    '')
  ];
}