flake cleanup and wg setup persistence

configs/container_config.nix

@@ -1,4 +1,4 @@
-{ modulesPath, pkgs, ... }: {
+{ modulesPath, pkgs, lib, ... }: {
   imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") ];
 
   time.timeZone = "Europe/Berlin";
@@ -43,7 +43,24 @@
   };
 
   # Enable networking
-  networking.networkmanager.enable = true;
+  networking = {
+    networkmanager.enable = true;
+    
+    # configure firewall
+    firewall = {
+      enable = true;
+      allowedTCPPorts = [ 22 ];
+    };
+
+    # enable routing of wireguard reachable subnet via wgbr
+    interfaces.wgbr.ipv4.routes = lib.mkDefault [
+      {
+        address = "10.8.0.0";
+        prefixLength = 16;
+        via = "10.8.1.1";
+      }
+    ];
+  };
 
   # enable ssh access
   services.openssh = {
@@ -58,9 +75,6 @@
     };
   };
 
-  # configure firewall
-  networking.firewall.enable = true;
-  networking.firewall.allowedTCPPorts = [ 22 ];
 
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions