clerie/nixfiles
1
0
Fork 0
Code Activity

Implement direct link between porter and gatekeeper

Browse Source
This commit is contained in:
clerie
2021-02-03 20:14:59 +01:00
parent b214a237fd
commit c83a72f955
2 changed files with 40 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
hosts/porter/configuration.nix
View File

@@ -43,6 +43,17 @@
allowedIPsAsRoutes = false;
privateKeyFile = "/var/src/secrets/wireguard/wg-carbon4";
};
wg-gatekeeper6 = {
ips = [ "fe80::101:2/64" "169.254.101.2/24" ];
peers = [ {
allowedIPs = [ "0.0.0.0/0" "::/0" ];
endpoint = "[2a01:4f8:c0c:15f1::1]:50101";
publicKey = "ZmyAqrBOmF2LxANPnICtBk3x3qpJp3i+iQrNliqdi1g=";
} ];
listenPort = 50101;
allowedIPsAsRoutes = false;
privateKeyFile = "/var/src/secrets/wireguard/wg-gatekeeper6";
};
wg-nonat6 = {
ips = [ "fe80::1337:1/64" "169.254.137.1/24" ];
peers = [ {
@@ -64,7 +75,7 @@
};
};
networking.firewall.allowedUDPPorts = [ 50138 51337 ];
networking.firewall.allowedUDPPorts = [ 50101 50138 51337 ];
services.bird2.enable = true;
services.bird2.config = ''
@@ -116,6 +127,10 @@
cost 80;
type pointopoint;
};
interface "wg-gatekeeper6" {
cost 80;
type pointopoint;
};
interface "wg-nonat6" {
cost 80;
type pointopoint;
@@ -134,6 +149,10 @@
cost 80;
type pointopoint;
};
interface "wg-gatekeeper6" {
cost 80;
type pointopoint;
};
interface "wg-nonat6" {
cost 80;
type pointopoint;