Compare commits
2 commits
d6333c0a57
...
4b822d94b0
Author | SHA1 | Date | |
---|---|---|---|
Tristan Daniël Maat | 4b822d94b0 | ||
Tristan Daniël Maat | 9e7537acf8 |
|
@ -53,6 +53,7 @@
|
|||
networking = {
|
||||
hostName = "tlaternet";
|
||||
usePredictableInterfaceNames = false;
|
||||
useDHCP = false;
|
||||
|
||||
firewall = {
|
||||
allowedTCPPorts = [
|
||||
|
|
|
@ -1,4 +1,9 @@
|
|||
{config, ...}: {
|
||||
# iptables needs to permit forwarding from wg0 to wg0
|
||||
networking.firewall.extraCommands = ''
|
||||
iptables -A FORWARD -i wg0 -o wg0 -j ACCEPT
|
||||
'';
|
||||
|
||||
systemd.network = {
|
||||
netdevs = {
|
||||
"20-wg0" = {
|
||||
|
@ -38,11 +43,27 @@
|
|||
"20-wg0" = {
|
||||
matchConfig.Name = "wg0";
|
||||
|
||||
networkConfig.Address = [
|
||||
"10.45.249.1/24"
|
||||
networkConfig = {
|
||||
Address = [
|
||||
"10.45.249.1/32"
|
||||
# TODO(tlater): Add IPv6 whenever that becomes relevant
|
||||
];
|
||||
|
||||
IPForward = "yes";
|
||||
IPv4ProxyARP = "yes";
|
||||
};
|
||||
|
||||
routes = [
|
||||
{
|
||||
routeConfig = {
|
||||
Source = "10.45.249.0/24";
|
||||
Destination = "10.45.249.0/24";
|
||||
Gateway = "10.45.249.1";
|
||||
GatewayOnLink = "no";
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
linkConfig.RequiredForOnline = "no";
|
||||
};
|
||||
};
|
||||
|
|
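Review bot: The `iptables -A FORWARD -i wg0 -o wg0 -j ACCEPT` line added to `networking.firewall.extraCommands` has no matching cleanup, so another copy of the rule is likely appended to FORWARD each time the firewall script is re-run, and the rule stays behind if this WireGuard setup is later removed; pair it with `networking.firewall.extraStopCommands = ''iptables -D FORWARD -i wg0 -o wg0 -j ACCEPT || true'';`. The rule also lets every peer reach every other peer on any port, so isolation rests entirely on each peer's AllowedIPs, which are not visible in these hunks; adding `-s 10.45.249.0/24 -d 10.45.249.0/24` would at least pin it to the tunnel subnet. In the later hunk, `IPForward = "yes"` turns on the kernel's global forwarding setting rather than forwarding for wg0 alone. It is worth confirming that the FORWARD chain drops traffic between the other interfaces (for example via `networking.firewall.filterForward`) and recording that in a comment next to the setting.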