c3d2/nix-config
c3d2
/
nix-config
24
7
Fork 3
Code Issues 12 Pull Requests 2 Releases Wiki Activity

freifunk: fix wg-vpn6

This commit is contained in:
Astro 2022-03-22 23:24:09 +01:00
parent 699f29e271
commit d3073d1e2c
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
hosts/containers/freifunk/default.nix
View File

@ -19,7 +19,7 @@ let
upstreamMark = 3; upstreamMark = 3;
rt_table_upstream = 100; rt_table_upstream = 100;
vpn6AddrPart = "200.16"; vpn6AddrPart = "200.2";
in { in {
imports = [ imports = [
"${modulesPath}/profiles/minimal.nix" "${modulesPath}/profiles/minimal.nix"
@ -102,14 +102,15 @@ in {
}; };
wireguardConfig = { wireguardConfig = {
PrivateKeyFile = config.sops.secrets."wireguard/vpn6/privateKey".path; PrivateKeyFile = config.sops.secrets."wireguard/vpn6/privateKey".path;
ListenPort = 5007; ListenPort = 5006;
# Mark for routing with the upstream routing table # Mark for routing with the upstream routing table
FirewallMark = upstreamMark; FirewallMark = upstreamMark;
}; };
wireguardPeers = [ { wireguardPeers = [ {
wireguardPeerConfig = { wireguardPeerConfig = {
Endpoint = "vpn4.freifunk-dresden.de:5007"; # vpn6.freifunk-dresden.de
PublicKey = "7R3K3rGtCZprgqz5/iWql4yLg9BrsaNiv5XQwJ7csn4="; Endpoint = "85.195.253.169:5006";
PublicKey = "CIJa7xiRRIrLtEB7uyzwoyaQcpe0b8F2d16+3hk8KjU=";
AllowedIPs = "10.203.${vpn6AddrPart}/32"; AllowedIPs = "10.203.${vpn6AddrPart}/32";
}; };
} ]; } ];