This commit is contained in:
Vinzenz Schroeter 2023-09-17 11:53:34 +02:00
parent cff4840824
commit 8b11705965


@ -1,4 +1,6 @@
{pkgs, ...}: { {pkgs, ...}: let
wg_port = 51820;
in {
imports = [ imports = [
(import ./modules { (import ./modules {
hostName = "hetzner-vpn1"; hostName = "hetzner-vpn1";
@ -27,17 +29,17 @@
networking.nat.externalInterface = "eth0"; networking.nat.externalInterface = "eth0";
networking.nat.internalInterfaces = ["wg0"]; networking.nat.internalInterfaces = ["wg0"];
networking.firewall = { networking.firewall = {
allowedUDPPorts = [51820]; allowedUDPPorts = [wg_port];
}; };
networking.wireguard.interfaces = { networking.wireguard.interfaces = {
# "wg0" is the network interface name. You can name the interface arbitrarily. # "wg0" is the network interface name. You can name the interface arbitrarily.
wg0 = { wg0 = {
# Determines the IP address and subnet of the server's end of the tunnel interface. # Determines the IP address and subnet of the server's end of the tunnel interface.
ips = ["10.100.0.1/24"]; ips = ["10.100.0.1/32"];
# The port that WireGuard listens to. Must be accessible by the client. # The port that WireGuard listens to. Must be accessible by the client.
listenPort = 51820; listenPort = wg_port;
# This allows the wireguard server to route your traffic to the internet and hence be like a VPN # This allows the wireguard server to route your traffic to the internet and hence be like a VPN
# For this to work you have to set the dnsserver IP of your router (or dnsserver of choice) in your clients # For this to work you have to set the dnsserver IP of your router (or dnsserver of choice) in your clients
@ -59,7 +61,13 @@
# Phone # Phone
publicKey = "/sjNk9rXaMdrCHD2kmut1AXD1UhF1xcZ4ju+EmFGcCk="; publicKey = "/sjNk9rXaMdrCHD2kmut1AXD1UhF1xcZ4ju+EmFGcCk=";
# List of IPs assigned to this peer within the tunnel subnet. Used to configure routing. # List of IPs assigned to this peer within the tunnel subnet. Used to configure routing.
#allowedIPs = ["10.100.0.2/32"]; allowedIPs = ["10.100.0.2/32"];
}
{
# vinzenz-lpt
publicKey = "D/6431f8oJ61C5vjjEIpY5Rc750oK4yVh9B/32q4xAE=";
# List of IPs assigned to this peer within the tunnel subnet. Used to configure routing.
allowedIPs = ["10.100.0.3/32"];
} }
]; ];
}; };
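Review bot: Changing the server's `ips` entry from `10.100.0.1/24` to `10.100.0.1/32` drops the on-link route for the whole `10.100.0.0/24` tunnel range, so the server can only reach a peer whose `allowedIPs` is set (the NixOS module installs per-peer routes from it, as far as I recall); that is consistent with the two peers in the last hunk, but the comment above `ips` still says "IP address and subnet of the server's end", which no longer describes the value. Suggest `# Server's tunnel address; /32 because routes to peers come from each peer's allowedIPs, not from an on-link subnet route.` in its place. Because `allowedIPs` is also the cryptokey-routing check on inbound packets, the two non-overlapping `/32` entries are what keep one peer from sourcing traffic with the other's address; a short comment on the peers list, e.g. `# One /32 per peer, non-overlapping: allowedIPs is both the route and the source-address filter for that key.`, would make that constraint explicit for whoever adds the next peer. The `peers` list and the enclosing attribute set start outside the hunk.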