From 1245db5af989dfc29b818c4fee7a1780f3e2fce5 Mon Sep 17 00:00:00 2001
From: ahtlon <atlan@ahtlon.de>
Date: Thu, 14 Nov 2024 19:57:05 +0100
Subject: [PATCH] Documentation for wireguard key creation

---
 doc/src/SUMMARY.md             |  1 +
 doc/src/anleitung/wireguard.md | 11 +++++++++++
 2 files changed, 12 insertions(+)
 create mode 100644 doc/src/anleitung/wireguard.md

diff --git a/doc/src/SUMMARY.md b/doc/src/SUMMARY.md
index 18c465da..afc55a15 100644
--- a/doc/src/SUMMARY.md
+++ b/doc/src/SUMMARY.md
@@ -14,6 +14,7 @@
     - [How-to]()
         - [Create New Host](./anleitung/create.md)
         - [Sops](./anleitung/sops.md)            
+        - [Wireguard](./anleitung/wireguard.md)
         - [Updates](./anleitung/updates.md)
         - [Rollbacks](./anleitung/rollback.md)
         - [MicroVM](./anleitung/microvm.md)
diff --git a/doc/src/anleitung/wireguard.md b/doc/src/anleitung/wireguard.md
new file mode 100644
index 00000000..1cae4225
--- /dev/null
+++ b/doc/src/anleitung/wireguard.md
@@ -0,0 +1,11 @@
+# Wireguard
+Running on the raspberry pi  
+
+- Create new keys
+    - Enter nix shell for wg commands `nix-shell -p wireguard-tools` 
+    - New private key `wg genkey > secrets/keys/wireguard/example.key` 
+    - Encrypt with `sops -e -i secrets/keys/wireguard/example.key`
+        - commit keys only after encrypting
+    - Decrypt to stdout `sops -d secrets/keys/wireguard/example.key`
+    - Decrypt for use on a client `sops -d secrets/keys/wireguard/private.key > /tmp/private.key`
+    - Display public key `sops -d secrets/keys/wireguard/example.key | wg pubkey`