nyanloutre/nixos-config
1
1
Fork 1
Code Issues Pull Requests Releases Wiki Activity

wireguard: config serveur pour NAT

Browse Source
This commit is contained in:
nyanloutre 2019-10-04 22:34:13 +02:00
parent f621cb3a21
commit a06a8bebab
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
systems/LoutreOS/services.nix
View File

@ -502,16 +502,19 @@ in
ips = [ "192.168.20.1/24" ]; ips = [ "192.168.20.1/24" ];
privateKeyFile = "/mnt/secrets/wireguard/wg0.privatekey"; privateKeyFile = "/mnt/secrets/wireguard/wg0.privatekey";
listenPort = 51820; listenPort = 51820;
allowedIPsAsRoutes = false; allowedIPsAsRoutes = true;
peers = [ peers = [
{ {
allowedIPs = [ "0.0.0.0/0" ]; allowedIPs = [ "192.168.20.2/32" ];
publicKey = "b/SXiqo+GPdNOc54lyEVeUBc6B5AbVMKh+g5EZPGzlE="; publicKey = "b/SXiqo+GPdNOc54lyEVeUBc6B5AbVMKh+g5EZPGzlE=";
} }
]; ];
}; };
}; };
nat.internalInterfaces = [ "wg0" ];
nat.internalIPs = [ "192.168.20.0/24" ];
firewall.allowedTCPPorts = [ firewall.allowedTCPPorts = [
51413 # Transmission 51413 # Transmission
8448 # Matrix federation 8448 # Matrix federation