diff options
Diffstat (limited to 'makefu/1systems')
| -rw-r--r-- | makefu/1systems/vbob/config.nix | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix index d4b80c90e..ffd9deaee 100644 --- a/makefu/1systems/vbob/config.nix +++ b/makefu/1systems/vbob/config.nix @@ -52,24 +52,21 @@ <stockholm/makefu/2configs/tinc/retiolum.nix> (let gum-ip = config.krebs.hosts.gum.nets.internet.ip4.addr; - Gateway = "10.0.2.2"; + gateway = "10.0.2.2"; in { - networking.localCommands = '' - ip route add ${gum-ip} via ${Gateway} - ''; - + # make sure the route to gum gets added after the network is online + systemd.services.wireguard-wg0.after = [ "network-online.target" ]; networking.wireguard.interfaces.wg0 = { ips = [ "10.244.0.3/24" ]; privateKeyFile = (toString <secrets>) + "/wireguard.key"; - allowedIPsAsRoutes = true; # explicit route via eth0 to gum + preSetup = ["${pkgs.iproute}/bin/ip route add ${gum-ip} via ${gateway}"]; peers = [ - { - # gum + { # gum endpoint = "${gum-ip}:51820"; - # allowedIPs = [ "10.244.0.0/24" ]; - allowedIPs = [ "0.0.0.0/0" ]; + allowedIPs = [ "0.0.0.0/0" "10.244.0.0/24" ]; publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo="; + persistentKeepalive = 25; } ]; }; |