clerie/nixfiles
1
0
Fork 0
Code

hosts/aluminium: use policyrouting for IPv4 too

Browse Source
This commit is contained in:
clerie 2022-12-30 17:46:11 +01:00
parent bba5d8c044
commit 1ba4c66697
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
hosts/aluminium/configuration.nix
View File

@ -20,12 +20,21 @@
networking.hostName = "aluminium"; networking.hostName = "aluminium";
networking.iproute2.enable = true;
networking.iproute2.rttablesExtraConfig = ''
200 wg-clerie
'';
petabyte.policyrouting = { petabyte.policyrouting = {
enable = true; enable = true;
rules6 = [ rules6 = [
{ rule = "from 2a01:4f8:c0c:15f1::8106/128 lookup 200"; prio = 20000; } { rule = "from 2a01:4f8:c0c:15f1::8106/128 lookup wg-clerie"; prio = 20000; }
{ rule = "from 2a01:4f8:c0c:15f1::8106/128 unreachable"; prio = 20001; } { rule = "from 2a01:4f8:c0c:15f1::8106/128 unreachable"; prio = 20001; }
]; ];
rules4 = [
{ rule = "from 10.20.30.106/32 lookup wg-clerie"; prio = 20000; }
{ rule = "from 10.20.30.106/32 unreachable"; prio = 20001; }
];
}; };
@ -33,7 +42,7 @@
networking.wireguard.interfaces = { networking.wireguard.interfaces = {
wg-clerie = { wg-clerie = {
ips = [ "2a01:4f8:c0c:15f1::8106/128" "10.20.30.106/32" ]; ips = [ "2a01:4f8:c0c:15f1::8106/128" "10.20.30.106/32" ];
table = "200"; table = "wg-clerie";
peers = [ peers = [
{ {
endpoint = "vpn.clerie.de:51820"; endpoint = "vpn.clerie.de:51820";