diff options
Diffstat (limited to 'hosts/surtr/vpn/default.nix')
| -rw-r--r-- | hosts/surtr/vpn/default.nix | 30 |
1 files changed, 9 insertions, 21 deletions
diff --git a/hosts/surtr/vpn/default.nix b/hosts/surtr/vpn/default.nix index 74a9fb22..61a9d544 100644 --- a/hosts/surtr/vpn/default.nix +++ b/hosts/surtr/vpn/default.nix | |||
| @@ -63,10 +63,8 @@ in { | |||
| 63 | ListenPort = 51820; | 63 | ListenPort = 51820; |
| 64 | }; | 64 | }; |
| 65 | wireguardPeers = imap1 (i: { name, ip ? i }: { | 65 | wireguardPeers = imap1 (i: { name, ip ? i }: { |
| 66 | wireguardPeerConfig = { | 66 | AllowedIPs = ["${prefix6}:${toString ip}::/96" "${prefix4}.${toString ip}/32"]; |
| 67 | AllowedIPs = ["${prefix6}:${toString ip}::/96" "${prefix4}.${toString ip}/32"]; | 67 | PublicKey = trim (readFile (./. + "/${name}.pub")); |
| 68 | PublicKey = trim (readFile (./. + "/${name}.pub")); | ||
| 69 | }; | ||
| 70 | }) [ { name = "geri"; } { name = "sif"; } ]; | 68 | }) [ { name = "geri"; } { name = "sif"; } ]; |
| 71 | }; | 69 | }; |
| 72 | }; | 70 | }; |
| @@ -86,19 +84,13 @@ in { | |||
| 86 | MulticastDNS = false; | 84 | MulticastDNS = false; |
| 87 | }; | 85 | }; |
| 88 | routes = [ | 86 | routes = [ |
| 89 | { routeConfig = { | 87 | { Destination = "202.61.240.1"; |
| 90 | Destination = "202.61.240.1"; | ||
| 91 | }; | ||
| 92 | } | 88 | } |
| 93 | { routeConfig = { | 89 | { Destination = "0.0.0.0/0"; |
| 94 | Destination = "0.0.0.0/0"; | 90 | Gateway = "202.61.240.1"; |
| 95 | Gateway = "202.61.240.1"; | ||
| 96 | }; | ||
| 97 | } | 91 | } |
| 98 | { routeConfig = { | 92 | { Destination = "::/0"; |
| 99 | Destination = "::/0"; | 93 | Gateway = "fe80::1"; |
| 100 | Gateway = "fe80::1"; | ||
| 101 | }; | ||
| 102 | } | 94 | } |
| 103 | ]; | 95 | ]; |
| 104 | extraConfig = '' | 96 | extraConfig = '' |
| @@ -114,13 +106,9 @@ in { | |||
| 114 | }; | 106 | }; |
| 115 | address = ["${prefix6}::/96" "${prefix4}.0/32"]; | 107 | address = ["${prefix6}::/96" "${prefix4}.0/32"]; |
| 116 | routes = [ | 108 | routes = [ |
| 117 | { routeConfig = { | 109 | { Destination = "${prefix6}::/80"; |
| 118 | Destination = "${prefix6}::/80"; | ||
| 119 | }; | ||
| 120 | } | 110 | } |
| 121 | { routeConfig = { | 111 | { Destination = "${prefix4}.0/24"; |
| 122 | Destination = "${prefix4}.0/24"; | ||
| 123 | }; | ||
| 124 | } | 112 | } |
| 125 | ]; | 113 | ]; |
| 126 | linkConfig = { | 114 | linkConfig = { |