System Gen165 @ 2025-04-23-23:50:24

2025-04-23 23:50:25 +02:00 · 2025-04-23 23:50:25 +02:00 · 171c5bf9c3
commit 171c5bf9c3
parent 3cf3a6b0be
3 changed files with 11 additions and 11 deletions
--- a/modules/networking/wireguard/client.nix
+++ b/modules/networking/wireguard/client.nix
@ -8,6 +8,11 @@
 in {
  options.networking.wg.client = {
    enable = lib.mkEnableOption "Enable WireGuard client";
    port = lib.mkOption {
      type = lib.types.port;
      default = 51820;
      description = "Port for WireGuard client";
    };
    autoConnect = lib.mkOption {
      type = lib.types.bool;
      default = false;
@ -20,17 +25,15 @@ in {
  };
  config = lib.mkIf cfg.enable {
-    networking.wg-quick.interfaces.wg0 = {
+    networking.firewall.allowedUDPPorts = [cfg.port];
-      inherit (peers.jonas) address;
+    networking.wireguard.interfaces.wg0 = {
      inherit (peers.jonas) ips;
      inherit (cfg) privateKeyFile;
      listenPort = cfg.port;
      peers = [
        peers.harbor
      ];
    };
    systemd.services.wg-quick-wg0.wantedBy =
      if cfg.autoConnect
      then lib.mkDefault []
      else lib.mkForce [];
  };
 }
--- a/modules/networking/wireguard/peers.nix
+++ b/modules/networking/wireguard/peers.nix
@ -14,7 +14,7 @@
  jonas = {
    publicKey = "oPMapC1S3TPe+/YQulG0AsVsOu+MzZY7huvAAXVJEnM=";
-    address = ["10.10.10.2/24"];
+    ips = ["10.10.10.2/24"];
    allowedIPs = ["10.10.10.2/32"];
  };
 }
--- a/modules/networking/wireguard/server.nix
+++ b/modules/networking/wireguard/server.nix
@ -20,11 +20,8 @@ in {
  };
  config = lib.mkIf cfg.enable {
-    # Firewall and NAT configuration
+    # Firewall rule
    networking.firewall.allowedUDPPorts = [cfg.port];
    networking.nat.enable = true;
    networking.nat.externalInterface = "eth0";
    networking.nat.internalInterfaces = ["wg0"];
    # Interface without internet routing
    networking.wireguard.interfaces."wg0" = {