steffen/nixconf
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

interfaces and package config externalized, also tmux added and version variable

Browse Source
This commit is contained in:
Steffen Illium
2025-07-16 20:33:59 +02:00
parent 80d8003e4d
commit 47f7bc25b7
6 changed files with 49 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
wireguard.nix
View File

@@ -1,8 +1,8 @@
{ config, pkgs, ... }: {
{ config, lib, pkgs, ... }: {
networking.nat.enable = true;
networking.nat.externalInterface = "enp1s0";
networking.nat.internalInterfaces = [ "wg0" ];
networking.nat.externalInterface = lib.head config.vars.interfaces;
networking.nat.internalInterfaces = [ "wg0" ] ++ config.vars.interfaces;
networking.wg-quick.interfaces = {
wg0 = {
@@ -11,11 +11,11 @@
autostart = true;
postUp = ''
${pkgs.iptables}/bin/iptables -A FORWARD -i wg0 -j ACCEPT
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o ${lib.head config.vars.interfaces} -j MASQUERADE
'';
postDown = ''
${pkgs.iptables}/bin/iptables -D FORWARD -i wg0 -j ACCEPT
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -o enp1s0
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -o ${lib.head config.vars.interfaces}
'';
privateKey = config.vars.wg_privateKey;
peers = [{
@@ -27,5 +27,6 @@
}];
};
};
}
environment.systemPackages = [ pkgs.wireguard-tools ];
}