From f9e0ffb4003de01ac792136d36ba9cfd74466b51 Mon Sep 17 00:00:00 2001
From: Nick <nickjhiebert@proton.me>
Date: Tue, 1 Jul 2025 16:37:21 -0500
Subject: [PATCH] feat: wireguard test

---
 modules/nixos/services/searx/default.nix | 4 ++--
 systems/mars/config/wireguard.nix        | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/modules/nixos/services/searx/default.nix b/modules/nixos/services/searx/default.nix
index 64237ba..2f2cbeb 100755
--- a/modules/nixos/services/searx/default.nix
+++ b/modules/nixos/services/searx/default.nix
@@ -47,7 +47,7 @@ in
               "${configHelpers.host}" = {
                 extraConfig = ''
                   @allowed_ips {
-                    remote_ip ${mars.wireguard.ip0} 192.168.50.1
+                    remote_ip ${mars.wireguard.ip0}
                   }
 
                   handle @allowed_ips {
@@ -56,7 +56,7 @@ in
                     reverse_proxy ${ceres.wireguard.ip0}:${toString configHelpers.service.ports.port0}
                   }
                   handle {
-                    respond "Your IP: {remote_host}" 200
+                    respond "Access Denied" 403
                   }
                   tls ${configHelpers.service.ssl.cert} ${configHelpers.service.ssl.key}
                 '';
diff --git a/systems/mars/config/wireguard.nix b/systems/mars/config/wireguard.nix
index 2ae6428..fd2302b 100755
--- a/systems/mars/config/wireguard.nix
+++ b/systems/mars/config/wireguard.nix
@@ -16,6 +16,7 @@ in
             allowedIPs = [
               "${ceres.wireguard.ip0}/32"
               "${web.localhost.address4}/24"
+              "${web.remotehost.address0}/32"
             ];
             endpoint = "${web.remotehost.address0}:${builtins.toString service.ports.port1}";
             persistentKeepalive = 25;