doc/src/SUMMARY.md

@@ -12,5 +12,6 @@
             - [musik](./projekte/musik.md)
         - [TODO](./todo.md)
     - [How-to]()
+        - [Wireguard](./anleitung/wireguard.md)
         - [Updates](./anleitung/updates.md)
         - [Rollbacks](./anleitung/rollback.md)

doc/src/anleitung/wireguard.md

@@ -0,0 +1,11 @@
+# Wireguard
+Running on the raspberry pi  
+
+- Create new keys
+    - Enter nix shell for wg commands `nix-shell -p wireguard-tools` 
+    - New private key `wg genkey > secrets/keys/wireguard/example.key` 
+    - Encrypt with `sops -e -i secrets/keys/wireguard/example.key`
+        - commit keys only after encrypting
+    - Decrypt to stdout `sops -d secrets/keys/wireguard/example.key`
+    - Decrypt for use on a client `sops -d secrets/keys/wireguard/private.key > /tmp/private.key`
+    - Display public key `sops -d secrets/keys/wireguard/example.key | wg pubkey`