Add public IPv6 VPN for Bula

2022-07-01 23:09:27 +02:00 · 2022-07-01 23:09:27 +02:00 · 57223d02ac
parent 525e83b9fd
commit 57223d02ac
1 changed files with 13 additions and 1 deletions
--- a/hosts/gatekeeper/configuration.nix
+++ b/hosts/gatekeeper/configuration.nix
@ -72,6 +72,18 @@
      allowedIPsAsRoutes = false;
      privateKeyFile = "/var/src/secrets/wireguard/wg-nonat6";
    };
+    wg-vcp-bula = {
+      ips = [ "fe80::1/64" ];
+      peers = [
+        {
+          allowedIPs = [ "fe80::/64" "2a01:4f8:1c0c:8221::/64" ];
+          publicKey = "lD/4s628IOlb6hTu7MGWWkyZoMveClGiCjuOcHCEhxo=";
+        }
+      ];
+      listenPort = 51876;
+      allowedIPsAsRoutes = true;
+      privateKeyFile = "/var/src/secrets/wireguard/wg-vcp-bula";
+    };
    wg-vpn = {
      ips = [ "2a01:4f8:c0c:15f1::8001/113" "10.20.30.1/24" ];
      peers = [
@ -116,7 +128,7 @@
    };
  };

-  networking.firewall.allowedUDPPorts = [ 53 993 995 50101 50127 50128 51820 60001 ];
+  networking.firewall.allowedUDPPorts = [ 53 993 995 50101 50127 50128 51820 51876 60001 ];
  networking.firewall.extraCommands = ''
    iptables -t nat -I PREROUTING -p udp -m multiport --dports 53,993,995  -j REDIRECT --to-ports 51820
  '';