albert/nix
albert/nix
1
0
Fork 0
Code Issues Pull requests Activity Actions

Test

Browse source
This commit is contained in:
iFargle 2023-10-08 16:46:32 +09:00
parent f6e979f5f1
commit db37fd0b1d
1 changed files with 0 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
nixos/hosts/osaka-vultr-01/default.nix
View file

@ -50,13 +50,9 @@
listenPort = 51820; listenPort = 51820;
privateKeyFile = "/run/secrets/wireguard_keys/osaka-vultr-01"; privateKeyFile = "/run/secrets/wireguard_keys/osaka-vultr-01";
postSetup = '' postSetup = ''
${pkgs.iptables}/bin/iptables -A FORWARD -i wireguard0 -j ACCEPT
${pkgs.iptables}/bin/iptables -A FORWARD -o wireguard0 -j ACCEPT
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eno3 -j MASQUERADE ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eno3 -j MASQUERADE
''; '';
postShutdown = '' postShutdown = ''
${pkgs.iptables}/bin/iptables -D FORWARD -i wireguard0 -j ACCEPT
${pkgs.iptables}/bin/iptables -D FORWARD -o wireguard0 -j ACCEPT
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o eno3 -j MASQUERADE ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o eno3 -j MASQUERADE
''; '';
peers = [ peers = [
@ -91,9 +87,5 @@
enable = true; enable = true;
internalInterfaces = [ "wireguard0" ]; internalInterfaces = [ "wireguard0" ];
externalInterface = "eno3"; externalInterface = "eno3";
forwardPorts = [
{ sourcePort = 80; destination = "10.100.0.2:80"; }
{ sourcePort = 443; destination = "10.100.0.2:443"; }
];
}; };
} }