tlaternet/tlaternet-server
1
0
Fork 0
Code Issues 9 Pull requests Releases Activity

Compare commits

base: tlaternet:d6333c0a57b6fc162d934dd8f6061d137990dd48
Branches Tags
tlaternet:master
tlaternet:tlater/with-minecraft
tlaternet:tlater/nixpkgs-formatting
tlaternet:tlater/authelia
..
compare: tlaternet:4b822d94b0396af1390358df0cf9e76cc0b87824
Branches Tags
tlaternet:tlater/with-minecraft
tlaternet:master
tlaternet:tlater/nixpkgs-formatting
tlaternet:tlater/authelia

2 commits
d6333c0a57 ... 4b822d94b0

Author SHA1 Message Date
Tristan Daniël Maat 4b822d94b0
services: Add wireguard service 2023-04-24 23:21:46 +01:00
Tristan Daniël Maat 9e7537acf8
networking: Set up static IP address 2023-04-24 23:11:33 +01:00
2 changed files with 25 additions and 3 deletions
Show stats Expand all files Collapse all files

1
configuration/default.nix
View file

@ -53,6 +53,7 @@
networking = { networking = {
hostName = "tlaternet"; hostName = "tlaternet";
usePredictableInterfaceNames = false; usePredictableInterfaceNames = false;
useDHCP = false;
firewall = { firewall = {
allowedTCPPorts = [ allowedTCPPorts = [

25
configuration/services/wireguard.nix
View file

@ -1,4 +1,9 @@
{config, ...}: { {config, ...}: {
# iptables needs to permit forwarding from wg0 to wg0
networking.firewall.extraCommands = ''
iptables -A FORWARD -i wg0 -o wg0 -j ACCEPT
'';
systemd.network = { systemd.network = {
netdevs = { netdevs = {
"20-wg0" = { "20-wg0" = {
@ -38,11 +43,27 @@
"20-wg0" = { "20-wg0" = {
matchConfig.Name = "wg0"; matchConfig.Name = "wg0";
networkConfig.Address = [ networkConfig = {
"10.45.249.1/24" Address = [
"10.45.249.1/32"
# TODO(tlater): Add IPv6 whenever that becomes relevant # TODO(tlater): Add IPv6 whenever that becomes relevant
]; ];
IPForward = "yes";
IPv4ProxyARP = "yes";
};
routes = [
{
routeConfig = {
Source = "10.45.249.0/24";
Destination = "10.45.249.0/24";
Gateway = "10.45.249.1";
GatewayOnLink = "no";
};
}
];
linkConfig.RequiredForOnline = "no"; linkConfig.RequiredForOnline = "no";
}; };
}; };