services: Add wireguard service

networking: Set up static IP address
2023-04-24 23:21:46 +01:00 · 2023-04-24 23:11:33 +01:00
2 changed files with 25 additions and 3 deletions
--- a/configuration/default.nix
+++ b/configuration/default.nix
@ -53,6 +53,7 @@
  networking = {
    hostName = "tlaternet";
    usePredictableInterfaceNames = false;
    useDHCP = false;
    firewall = {
      allowedTCPPorts = [
--- a/configuration/services/wireguard.nix
+++ b/configuration/services/wireguard.nix
@ -1,4 +1,9 @@
 {config, ...}: {
  # iptables needs to permit forwarding from wg0 to wg0
  networking.firewall.extraCommands = ''
    iptables -A FORWARD -i wg0 -o wg0 -j ACCEPT
  '';
  systemd.network = {
    netdevs = {
      "20-wg0" = {
@ -38,11 +43,27 @@
      "20-wg0" = {
        matchConfig.Name = "wg0";
-        networkConfig.Address = [
+        networkConfig = {
-          "10.45.249.1/24"
+          Address = [
            "10.45.249.1/32"
            # TODO(tlater): Add IPv6 whenever that becomes relevant
          ];
          IPForward = "yes";
          IPv4ProxyARP = "yes";
        };
        routes = [
          {
            routeConfig = {
              Source = "10.45.249.0/24";
              Destination = "10.45.249.0/24";
              Gateway = "10.45.249.1";
              GatewayOnLink = "no";
            };
          }
        ];
        linkConfig.RequiredForOnline = "no";
      };
    };
Author	SHA1	Message	Date
Tristan Daniël Maat	4b822d94b0	services: Add wireguard service	2023-04-24 23:21:46 +01:00
Tristan Daniël Maat	9e7537acf8	networking: Set up static IP address	2023-04-24 23:11:33 +01:00