From 9eb2fb98f04a2986c2fe7a1ef9c04b439d86e15f Mon Sep 17 00:00:00 2001 From: iFargle Date: Wed, 6 Dec 2023 11:30:40 +0900 Subject: [PATCH] Test --- nixos/hosts/framework-server/default.nix | 4 ++-- nixos/hosts/framework-server/wireguard.nix | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/nixos/hosts/framework-server/default.nix b/nixos/hosts/framework-server/default.nix index f00160e6..8e19620b 100644 --- a/nixos/hosts/framework-server/default.nix +++ b/nixos/hosts/framework-server/default.nix @@ -54,8 +54,8 @@ # Forward mail port 25 to sysctl.io / linode networking.firewall.extraCommands = '' - iptables -t nat -A OUTPUT -p tcp --dport 25 -j DNAT --to-destination 10.100.0.1:25 - iptables -t nat -A OUTPUT -p tcp --dport 25 -j DNAT --to-destination 10.100.0.1:25 + iptables -A PREROUTING -t nat -i wireguard0 -p tcp --dport 25 -j DNAT --to 10.100.0.1:25 + iptables -A INPUT -p tcp -m state --state NEW --dport 25 -i wireguard0 -j ACCEPT ''; boot.initrd.services.udev.rules = '' diff --git a/nixos/hosts/framework-server/wireguard.nix b/nixos/hosts/framework-server/wireguard.nix index e95c6662..2a173540 100644 --- a/nixos/hosts/framework-server/wireguard.nix +++ b/nixos/hosts/framework-server/wireguard.nix @@ -26,7 +26,6 @@ presharedKeyFile = "/run/secrets/wireguard_keys/preshared_key"; persistentKeepalive = 5; allowedIPs = [ "10.100.0.1/32" ]; - # endpoint = "64.176.54.57:51820"; # osaka-vultr-01 endpoint = "172.234.84.222:51820"; # osaka-linode-01 } ];