Fix wireguard configuration

host/montalin/applications/default.nix

@@ -3,7 +3,6 @@
   imports = [
     ./cloud.nix
     ./feedreader.nix
-    ./vpn.nix
     #./dns.nix #TODO
     #./wallabag.nix #TODO
     #./id.nix #TODO

host/montalin/applications/vpn.nix

@@ -1,13 +0,0 @@
-{ config, pkgs, lib, ... }:
-let
-  meta = import ../../../meta;
-  network = meta.network.virtual;
-  networkName = "mgmt";
-in {
-  networking.wireguard.enable = true;
-  networking.wireguard.interfaces = {
-    "wg-${networkName}" =
-      pkgs.lib.qois.wireguard.makeInterface config.networking.hostName
-      networkName network.${networkName};
-  };
-}

host/montalin/networking.nix

@@ -24,6 +24,8 @@ in {
   # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
 
   networking.firewall.allowedTCPPorts = [ 80 443 ];
+  networking.firewall.allowedUDPPorts =
+    [ meta.network.virtual.mgmt.server.port ];
 
   services.qois.luks-ssh = {
     enable = true;
@@ -33,4 +35,14 @@ in {
     gateway = plessur-net.dmz.v4.gateway;
     sshPort = 2222;
   };
+
+  networking.wireguard.enable = true;
+  networking.wireguard.interfaces = let
+    network = meta.network.virtual;
+    networkName = "mgmt";
+  in {
+    "wg-${networkName}" =
+      pkgs.lib.qois.wireguard.makeInterface config.networking.hostName
+      networkName network.${networkName};
+  };
 }