clerie/nixfiles
1
0
Fork 0
Code

Add public IPv6 VPN for Bula

Browse Source
This commit is contained in:
clerie 2022-07-01 23:09:27 +02:00
parent 525e83b9fd
commit 57223d02ac
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
hosts/gatekeeper/configuration.nix
View File

@ -72,6 +72,18 @@
allowedIPsAsRoutes = false; allowedIPsAsRoutes = false;
privateKeyFile = "/var/src/secrets/wireguard/wg-nonat6"; privateKeyFile = "/var/src/secrets/wireguard/wg-nonat6";
}; };
wg-vcp-bula = {
ips = [ "fe80::1/64" ];
peers = [
{
allowedIPs = [ "fe80::/64" "2a01:4f8:1c0c:8221::/64" ];
publicKey = "lD/4s628IOlb6hTu7MGWWkyZoMveClGiCjuOcHCEhxo=";
}
];
listenPort = 51876;
allowedIPsAsRoutes = true;
privateKeyFile = "/var/src/secrets/wireguard/wg-vcp-bula";
};
wg-vpn = { wg-vpn = {
ips = [ "2a01:4f8:c0c:15f1::8001/113" "10.20.30.1/24" ]; ips = [ "2a01:4f8:c0c:15f1::8001/113" "10.20.30.1/24" ];
peers = [ peers = [
@ -116,7 +128,7 @@
}; };
}; };
networking.firewall.allowedUDPPorts = [ 53 993 995 50101 50127 50128 51820 60001 ]; networking.firewall.allowedUDPPorts = [ 53 993 995 50101 50127 50128 51820 51876 60001 ];
networking.firewall.extraCommands = '' networking.firewall.extraCommands = ''
iptables -t nat -I PREROUTING -p udp -m multiport --dports 53,993,995 -j REDIRECT --to-ports 51820 iptables -t nat -I PREROUTING -p udp -m multiport --dports 53,993,995 -j REDIRECT --to-ports 51820
''; '';