Test

nixos/hosts/osaka-vultr-01/default.nix

@@ -46,17 +46,8 @@
         listenPort = 51820;
         privateKeyFile = "/run/secrets/wireguard_keys/osaka-vultr-01";
 
-        postSetup    = ''
+        postSetup    = ''${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eno3 -j MASQUERADE'';
-          ${pkgs.iptables}/bin/iptables -A FORWARD -i %i -j ACCEPT
+        postShutdown = ''${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o eno3 -j MASQUERADE'';
-          ${pkgs.iptables}/bin/iptables -A FORWARD -o %i -j ACCEPT
-          ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eno3 -j MASQUERADE
-          '';
-        postShutdown = ''
-          ${pkgs.iptables}/bin/iptables -D FORWARD -i %i -j ACCEPT
-          ${pkgs.iptables}/bin/iptables -D FORWARD -o %i -j ACCEPT
-          ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o eno3 -j MASQUERADE
-          '';
-        # Testing
         peers = [
           { # nixos-rpi4-03
             publicKey = "trHvfNtQ7HKMiJjxEXo2Iubq5G6egjx7gHiBlDmJ5Ek=";
@@ -75,11 +66,7 @@
     internalInterfaces =  [ "wireguard0" ];
     internalIPs = [ "10.100.0.0/24" ];
     forwardPorts = [
-      {
+      { sourcePort = 80; destination = "10.100.0.2:80"; }
-        sourcePort = 80;
-        destination = "10.100.0.2:80";
-        proto = "tcp";
-      }
     ];
   };
 }