From 4afbcba9e3e591cf60ad17c1fe42682434d6cf4b Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sun, 10 Oct 2021 13:17:59 +0200 Subject: yggdrasil-wg: ... --- modules/yggdrasil-wg/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix index 9ecbe663..60a153cf 100644 --- a/modules/yggdrasil-wg/default.nix +++ b/modules/yggdrasil-wg/default.nix @@ -87,7 +87,7 @@ in { requiredBy = ["wireguard-yggdrasil.service"]; serviceConfig = { - ExecStart = "${pkgs.udp2raw}/bin/udp2raw ${if from == hostName then "-c -l localhost:${toString (udp2rawPort + ix)} -r ${opts.endpointHost}:${toString (udp2rawPort + ix)}" else "-s -l 0.0.0.0:${toString (udp2rawPort + ix)} -r localhost:${toString listenPort}"} -k tmpkey --auth-mode hmac_sha1 --raw-mode faketcp -a"; + ExecStart = "${pkgs.udp2raw}/bin/udp2raw ${if from == hostName then "-c -l 127.0.0.1:${toString (udp2rawPort + ix)} -r ${opts.endpointHost}:${toString (udp2rawPort + ix)}" else "-s -l 0.0.0.0:${toString (udp2rawPort + ix)} -r 127.0.0.1:${toString listenPort}"} -k tmpkey --auth-mode hmac_sha1 --raw-mode faketcp -a"; }; } else null)) hostLinks)) // { firewall.path = optionals isRouter [pkgs.procps]; -- cgit v1.2.3