1
0

Pin tunnel ips on nonat

This commit is contained in:
clerie 2021-02-03 19:37:15 +01:00
parent e64e66ecd2
commit 882385b6dd

View File

@ -52,27 +52,27 @@
networking.wireguard.enable = true;
networking.wireguard.interfaces = {
wg-gatekeeper = {
wg-gatekeeper6 = {
ips = [ "fe80::128:2/64" "169.254.128.2/24" ];
peers = [ {
allowedIPs = [ "0.0.0.0/0" "::/0" ];
endpoint = "gatekeeper.net.clerie.de:50128";
endpoint = "[2a01:4f8:c0c:15f1::1]:50128";
publicKey = "7QHjiBbWhpOw4OX3Ye58v0YEOqhdfGJSyaHCdiCa20Q=";
} ];
listenPort = 50128;
allowedIPsAsRoutes = false;
privateKeyFile = "/var/src/secrets/wireguard/wg-gatekeeper";
privateKeyFile = "/var/src/secrets/wireguard/wg-gatekeeper6";
};
wg-porter = {
wg-porter6 = {
ips = [ "fe80::1337:2/64" "169.254.137.2/24" ];
peers = [ {
allowedIPs = [ "0.0.0.0/0" "::/0" ];
endpoint = "porter.net.clerie.de:51337";
endpoint = "[2a03:4000:6:48d::1]:51337";
publicKey = "TzQV60SvPZuJ9yTzvyGwejyXw1SlKkilS4UUvrQcyGk=";
} ];
listenPort = 51337;
allowedIPsAsRoutes = false;
privateKeyFile = "/var/src/secrets/wireguard/wg-porter";
privateKeyFile = "/var/src/secrets/wireguard/wg-porter6";
};
};
@ -134,11 +134,11 @@
export all;
};
area 0 {
interface "wg-gatekeeper" {
interface "wg-gatekeeper6" {
cost 80;
type pointopoint;
};
interface "wg-porter" {
interface "wg-porter6" {
cost 80;
type pointopoint;
};
@ -152,11 +152,11 @@
export all;
};
area 0 {
interface "wg-gatekeeper" {
interface "wg-gatekeeper6" {
cost 80;
type pointopoint;
};
interface "wg-porter" {
interface "wg-porter6" {
cost 80;
type pointopoint;
};