diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-10-09 11:25:49 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-10-09 11:25:49 +0200 |
commit | cbe13936a152eaab0e421c9dd1d19787e2ed7f16 (patch) | |
tree | 5900bab6d2c2c7a86e42fff233f2ba9814c117d9 /modules/yggdrasil-wg | |
parent | 0365d3e1efc936ead80fb768312bb005780d2940 (diff) | |
download | nixos-cbe13936a152eaab0e421c9dd1d19787e2ed7f16.tar nixos-cbe13936a152eaab0e421c9dd1d19787e2ed7f16.tar.gz nixos-cbe13936a152eaab0e421c9dd1d19787e2ed7f16.tar.bz2 nixos-cbe13936a152eaab0e421c9dd1d19787e2ed7f16.tar.xz nixos-cbe13936a152eaab0e421c9dd1d19787e2ed7f16.zip |
yggdrasil-wg: ...
Diffstat (limited to 'modules/yggdrasil-wg')
-rw-r--r-- | modules/yggdrasil-wg/default.nix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix index e81fee84..d0d6e522 100644 --- a/modules/yggdrasil-wg/default.nix +++ b/modules/yggdrasil-wg/default.nix | |||
@@ -91,6 +91,7 @@ in { | |||
91 | 91 | ||
92 | networking.hosts = mkIf inNetwork (listToAttrs (concatMap ({name, value}: map (ip: nameValuePair (stripSubnet ip) ["${name}.yggdrasil"]) value) (mapAttrsToList nameValuePair hostIPs))); | 92 | networking.hosts = mkIf inNetwork (listToAttrs (concatMap ({name, value}: map (ip: nameValuePair (stripSubnet ip) ["${name}.yggdrasil"]) value) (mapAttrsToList nameValuePair hostIPs))); |
93 | 93 | ||
94 | systemd.services.firewall.path = optionals isRouter [pkgs.procps]; | ||
94 | networking.firewall = mkIf isRouter { | 95 | networking.firewall = mkIf isRouter { |
95 | extraCommands = '' | 96 | extraCommands = '' |
96 | iptables -A FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept | 97 | iptables -A FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept |