VSinerva/nixos-conf
1
0
Fork 0
Code Activity Actions

Initial wireguard IPv6 test

Browse source
This commit is contained in:
Vili Sinervä 2024-09-24 20:01:29 +03:00
parent 91193a9e8f
commit 60fe1a949b
No known key found for this signature in database
GPG key ID: DF8FEAF54EFAC996
3 changed files with 67 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

57
machine-confs/lithium.nix
View file

@ -5,27 +5,50 @@
firewall.allowedUDPPorts = [ 51820 ];
wg-quick.interfaces.wg0 = {
autostart = true;
address = [ "172.16.0.4/24" ];
dns = [
"192.168.0.1"
"vsinerva.fi"
];
privateKeyFile = "/root/wireguard-keys/privatekey-home";
listenPort = 51820;
wg-quick.interfaces = {
wg0 = {
autostart = false;
address = [ "172.16.0.4/24" ];
dns = [
"192.168.0.1"
"vsinerva.fi"
];
privateKeyFile = "/root/wireguard-keys/privatekey-home";
listenPort = 51820;
peers = [
{
publicKey = "f9QoYPxyaxylUcOI9cE9fE9DJoEX4c6GUtr4p+rsd34=";
allowedIPs = [ "0.0.0.0/0" ];
endpoint = "wg.vsinerva.fi:51820";
}
];
peers = [
{
publicKey = "f9QoYPxyaxylUcOI9cE9fE9DJoEX4c6GUtr4p+rsd34=";
allowedIPs = [ "0.0.0.0/0" ];
endpoint = "wg.vsinerva.fi:51820";
}
];
};
wg1 = {
autostart = true;
address = [ "fd08:d473:bcca:f0::3/64" ];
dns = [
"fd08:d473:bcca::1"
"vsinerva.fi"
];
privateKeyFile = "/root/wireguard-keys/privatekey-home";
listenPort = 51820;
peers = [
{
publicKey = "f9QoYPxyaxylUcOI9cE9fE9DJoEX4c6GUtr4p+rsd34=";
allowedIPs = [
"fd08:d473:bcca::/64"
"fd08:d473:bcca:f0::/64"
];
endpoint = "wg.vsinerva.fi:51821";
}
];
};
};
};
# Dirty hack to fix autostart failing due to DNS lookups
systemd.services."wg-quick-wg0".serviceConfig = {
systemd.services."wg-quick-wg1".serviceConfig = {
Restart = "on-failure";
RestartSec = "1s";
};