Add wireguard service

networking: Set up static IP address
2023-04-23 23:57:41 +01:00 · 2023-04-23 23:43:43 +01:00
2 changed files with 3 additions and 25 deletions
--- a/configuration/default.nix
+++ b/configuration/default.nix
@ -53,7 +53,6 @@
  networking = {
    hostName = "tlaternet";
    usePredictableInterfaceNames = false;
-    useDHCP = false;

    firewall = {
      allowedTCPPorts = [
--- a/configuration/services/wireguard.nix
+++ b/configuration/services/wireguard.nix
@ -1,9 +1,4 @@
 {config, ...}: {
-  # iptables needs to permit forwarding from wg0 to wg0
-  networking.firewall.extraCommands = ''
-    iptables -A FORWARD -i wg0 -o wg0 -j ACCEPT
-  '';
-
  systemd.network = {
    netdevs = {
      "20-wg0" = {
@ -43,25 +38,9 @@
      "20-wg0" = {
        matchConfig.Name = "wg0";

-        networkConfig = {
-          Address = [
-            "10.45.249.1/32"
-            # TODO(tlater): Add IPv6 whenever that becomes relevant
-          ];
-
-          IPForward = "yes";
-          IPv4ProxyARP = "yes";
-        };
-
-        routes = [
-          {
-            routeConfig = {
-              Source = "10.45.249.0/24";
-              Destination = "10.45.249.0/24";
-              Gateway = "10.45.249.1";
-              GatewayOnLink = "no";
-            };
-          }
+        networkConfig.Address = [
+          "10.45.249.1/24"
+          # TODO(tlater): Add IPv6 whenever that becomes relevant
        ];

        linkConfig.RequiredForOnline = "no";
Author	SHA1	Message	Date
Tristan Daniël Maat	d6333c0a57	Add wireguard service	2023-04-23 23:57:41 +01:00
Tristan Daniël Maat	dc03395af5	networking: Set up static IP address	2023-04-23 23:43:43 +01:00