clerie/nixfiles
1
0
Fork 0
Code Activity

Implement direct link between porter and gatekeeper

Browse Source
This commit is contained in:
clerie
2021-02-03 20:14:59 +01:00
parent b214a237fd
commit c83a72f955
2 changed files with 40 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
hosts/gatekeeper/configuration.nix
View File

@@ -50,6 +50,17 @@
allowedIPsAsRoutes = false;
privateKeyFile = "/var/src/secrets/wireguard/wg-carbon4";
};
wg-porter6 = {
ips = [ "fe80::101:1/64" "169.254.101.1/24" ];
peers = [ {
allowedIPs = [ "0.0.0.0/0" "::/0" ];
endpoint = "[2a03:4000:6:48d::1]:50101";
publicKey = "Jr1GBeNWrYjz7QyiI8XSOSRo/kGsCCtGGAzxmM5Hkn0=";
} ];
listenPort = 50101;
allowedIPsAsRoutes = false;
privateKeyFile = "/var/src/secrets/wireguard/wg-porter6";
};
wg-nonat6 = {
ips = [ "fe80::128:1/64" "169.254.128.1/24" ];
peers = [ {
@@ -100,7 +111,7 @@
};
};
networking.firewall.allowedUDPPorts = [ 50127 50128 51820 ];
networking.firewall.allowedUDPPorts = [ 50101 50127 50128 51820 ];
clerie.nginx-port-forward = {
enable = true;
@@ -190,6 +201,10 @@
cost 80;
type pointopoint;
};
interface "wg-porter6" {
cost 80;
type pointopoint;
};
interface "wg-nonat6" {
cost 80;
type pointopoint;
@@ -208,6 +223,10 @@
cost 80;
type pointopoint;
};
interface "wg-porter6" {
cost 80;
type pointopoint;
};
interface "wg-nonat6" {
cost 80;
type pointopoint;