wireguard partial setup

2024-11-20 09:15:56 +01:00 · 2024-11-20 09:15:56 +01:00 · e8e4c4b311
commit e8e4c4b311
parent 67d7b6669f
1 changed files with 39 additions and 2 deletions
--- a/systems/LoutreOS/configuration.nix
+++ b/systems/LoutreOS/configuration.nix
@ -146,14 +146,15 @@
        };
        wireguardConfig = {
          PrivateKeyFile = "/run/keys/wireguard-privkey";
-          #ListenPort = 9918;
+          FirewallMark = 51820;
        };
        wireguardPeers = [          
          {
            wireguardPeerConfig = {
+              Endpoint = "89.234.141.83:8095";
              PublicKey = "t3+JkBfXI1uw8fa9P6JfxXJfTPm9cOHcgIN215UHg2g=";
+              PresharedKeyFile = "/run/keys/wireguard-psk.key";
              AllowedIPs = ["0.0.0.0/0" "::/0"];
-              Endpoint = "89.234.141.83";
              PersistentKeepalive = 15;
            };
          }
@ -183,6 +184,42 @@
          "89.234.141.196/32"
          "2a00:5881:8119:400::1/128"
        ];
+        # routingPolicyRules = [
+        #   {
+        #     routingPolicyRuleConfig = {
+        #       FirewallMark = "51820";
+        #       InvertRule = true;
+        #       Table = "51820";
+        #       Priority = "10";
+        #     };
+        #   }
+        #   {
+        #     routingPolicyRuleConfig = {
+        #       To = "10.0.0.0/8";
+        #       Priority = "9";
+        #     };
+        #   }
+        #   {
+        #     routingPolicyRuleConfig = {
+        #       To = "192.168.0.0/16";
+        #       Priority = "9";
+        #     };
+        #   }
+        #   {
+        #     routingPolicyRuleConfig = {
+        #       To = "89.234.141.83/32";
+        #       Priority = "5";
+        #     };
+        #   }
+        # ];
+        # routes = [
+        #   {
+        #     routeConfig = {
+        #       Destination = "0.0.0.0/0";
+        #       Table = 51820;
+        #     };
+        #   }
+        # ];
      };
      "40-eno2" = {
        networkConfig = {