From e64e66ecd20de7c51757b8b2fb1fb40256da1dca Mon Sep 17 00:00:00 2001 From: clerie Date: Wed, 3 Feb 2021 18:50:17 +0100 Subject: [PATCH] Pin tunnel ips --- hosts/porter/configuration.nix | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/hosts/porter/configuration.nix b/hosts/porter/configuration.nix index 321e517..e442c18 100644 --- a/hosts/porter/configuration.nix +++ b/hosts/porter/configuration.nix @@ -33,7 +33,7 @@ networking.wireguard.enable = true; networking.wireguard.interfaces = { - wg-carbon = { + wg-carbon4 = { ips = [ "fe80::138:1/64" "169.254.138.1/24" ]; peers = [ { allowedIPs = [ "0.0.0.0/0" "::/0" ]; @@ -41,18 +41,18 @@ } ]; listenPort = 50138; allowedIPsAsRoutes = false; - privateKeyFile = "/var/src/secrets/wireguard/wg-carbon"; + privateKeyFile = "/var/src/secrets/wireguard/wg-carbon4"; }; - wg-nonat = { + wg-nonat6 = { ips = [ "fe80::1337:1/64" "169.254.137.1/24" ]; peers = [ { allowedIPs = [ "0.0.0.0/0" "::/0" ]; - endpoint = "nonat.net.clerie.de:51337"; + endpoint = "[2001:638:904:ffca::6]:51337"; publicKey = "Z5HltUKBSOzePqZCJjSsJPZ3UxGjFR4a5Vxmm+ePNRk="; } ]; listenPort = 51337; allowedIPsAsRoutes = false; - privateKeyFile = "/var/src/secrets/wireguard/wg-nonat"; + privateKeyFile = "/var/src/secrets/wireguard/wg-nonat6"; }; }; @@ -112,11 +112,11 @@ export all; }; area 0 { - interface "wg-carbon" { + interface "wg-carbon4" { cost 80; type pointopoint; }; - interface "wg-nonat" { + interface "wg-nonat6" { cost 80; type pointopoint; }; @@ -130,11 +130,11 @@ export all; }; area 0 { - interface "wg-carbon" { + interface "wg-carbon4" { cost 80; type pointopoint; }; - interface "wg-nonat" { + interface "wg-nonat6" { cost 80; type pointopoint; };