From 1bca75bc09476391c1259776eb84c679ec3d247b Mon Sep 17 00:00:00 2001
From: Steffen Illium <steffen.illium@gmail.com>
Date: Tue, 6 Jan 2026 14:31:34 +0100
Subject: [PATCH] WG range added

---
 __vars.nix    | 5 ++---
 var_reg.nix   | 5 ++++-
 wireguard.nix | 6 +++---
 3 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/__vars.nix b/__vars.nix
index bc41d56..4611797 100644
--- a/__vars.nix
+++ b/__vars.nix
@@ -25,6 +25,7 @@ with lib;
   
   # WIREGUARD
   vars.wg_adress        = "";
+  vars.wg_range         = "";
   vars.wg_privateKey    = "";
   vars.wg_publicKey     = "";
   vars.wg_presharedKey  = "";
@@ -41,8 +42,6 @@ with lib;
   # NFS
   vars.nfs_server = "";
   vars.nfs_volume = "";
-  vars.nfs_mount = ""; 
-  
-  
+  vars.nfs_mount = "";   
   
 }
diff --git a/var_reg.nix b/var_reg.nix
index 19c222a..a0fe7c5 100644
--- a/var_reg.nix
+++ b/var_reg.nix
@@ -7,6 +7,9 @@ with lib;
     wg_adress = mkOption {
       type = types.str;
     };
+    wg_range = mkOption {
+      type = types.str;
+    };
     wg_privateKey = mkOption {
       type = types.str;
     };
@@ -75,4 +78,4 @@ with lib;
       type = types.str;
     };
   };
-}
\ No newline at end of file
+}
diff --git a/wireguard.nix b/wireguard.nix
index 00e9dd4..e7a90a9 100644
--- a/wireguard.nix
+++ b/wireguard.nix
@@ -11,16 +11,16 @@
       autostart = true;
       postUp = ''
         ${pkgs.procps}/bin/sysctl -w net.ipv4.conf.wg0.rp_filter=2
-        ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o wg0 -d 10.6.0.1 -j SNAT --to-source ${config.vars.local_ip}
+        ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o wg0 -d ${config.vars.wg_range} -j SNAT --to-source ${config.vars.local_ip}
       '';
       postDown = ''
-        ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -o wg0 -d 10.6.0.1 -j SNAT --to-source ${config.vars.local_ip}
+        ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -o wg0 -d ${config.vars.wg_range} -j SNAT --to-source ${config.vars.local_ip}
       '';
       privateKey = config.vars.wg_privateKey;
       peers = [{
         publicKey = config.vars.wg_publicKey;
         presharedKey = config.vars.wg_presharedKey;
-        allowedIPs = [ "10.6.0.0/24" ];
+        allowedIPs = [ config.vars.wg_range ];
         endpoint = config.vars.wg_endpoint;
         persistentKeepalive = 25;
       }];