jasmine/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix network for wireguard to ethernet

Browse source
This commit is contained in:
♥ Minnie ♥ 2024-04-01 10:00:42 +08:00
parent 1b60568c2c
commit 20b7924463
1 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
nixos/common/optional/wireguard/default.nix
View file

@ -9,7 +9,7 @@
networking = {
nat = {
enable = true;
externalInterface = "wlp2s0";
externalInterface = "eno1";
internalInterfaces = [ "wg0" ];
};
wireguard.interfaces = {
@ -20,11 +20,11 @@
# This allows the wireguard server to route your traffic to the internet and hence be like a VPN
# For this to work you have to set the dnsserver IP of your router (or dnsserver of choice) in your clients
postSetup = ''
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o wlp2s0 -j MASQUERADE
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eno1 -j MASQUERADE
'';
# This undoes the above command
postShutdown = ''
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o wlp2s0 -j MASQUERADE
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o eno1 -j MASQUERADE
'';
# Path to the private key file.
privateKeyFile = config.age.secrets.wireguard.path;