Leon Vita 2022-09-25 20:10:44 +01:00
parent 73d3076573
commit b408bcc2bd
1 changed files with 4 additions and 25 deletions


@ -58,7 +58,7 @@
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
wget vim python3Full nmap htop wireguard-tools
wget vim python3Full python310Packages.pip nmap htop wireguard-tools
];
@ -76,17 +76,6 @@
allowedUDPPorts = [ 5000 22 53 80 8080 18900 19900 ];
};
#-------------------------------VPN---------------------------------
# enable NAT
# networking.nat.enable = true;
# networking.nat.externalInterface = "eth0";
# networking.nat.internalInterfaces = [ "wg0" ];
# networking.firewall = {
# allowedUDPPorts = [ 51820 ];
# };
#_______________________________Begin-VPN1-Server____________________________________
networking.wireguard.interfaces = {
@ -94,12 +83,9 @@
vpn1 = {
#IP address && Subnet.
ips = [ "10.10.11.1/24" ];
#VPN Port.
listenPort = 18900;
# This allows the wireguard server to route your traffic to the internet and hence be like a VPN
# For this to work you have to set the dnsserver IP of your router (or dnsserver of choice) in your clients
privateKeyFile = "/etc/wireguard/privatekey";
#----------------------Start-Routing----------------------------
postSetup = ''
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.10.11.1/24 -o flpk -j MASQUERADE
@ -110,15 +96,8 @@
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.10.11.1/24 -o flpk -j MASQUERADE
'';
#----------------------End-Routing----------------------------
# Path to the private key file.
#
# Note: The private key can also be included inline via the privateKey option,
# but this makes the private key world-readable; thus, using privateKeyFile is
# recommended.
privateKeyFile = "/etc/wireguard/privatekey";
peers = [
peers = [
# ------------------leon-------------------------.
{
#leoncloud-vm