From 7d5e47cfdfd6472877d16ff491a1c9771a2a9294 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20R=C3=B6ger?= Date: Wed, 14 May 2025 00:48:41 +0200 Subject: [PATCH] System Gen194 @ 2025-05-14-00:45:09 by jonas@comfy-station --- modules/networking/wireguard/server.nix | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/modules/networking/wireguard/server.nix b/modules/networking/wireguard/server.nix index 23916d4..c31245e 100644 --- a/modules/networking/wireguard/server.nix +++ b/modules/networking/wireguard/server.nix @@ -1,6 +1,7 @@ { config, lib, + pkgs, ... }: let cfg = config.hive.wg.server; @@ -27,10 +28,19 @@ in { networking.wireguard.interfaces."wg0" = { ips = ["10.10.10.1/24"]; listenPort = cfg.port; - inherit (cfg) privateKeyFile; peers = peers.forServer; + + # Allow p2p traffic + postSetup = '' + ${pkgs.iptables}/bin/iptables -A FORWARD -i wg0 -o wg0 -j ACCEPT + ''; + + # Undo the above + postShutdown = '' + ${pkgs.iptables}/bin/iptables -D FORWARD -i wg0 -o wg0 -j ACCEPT + ''; }; }; }
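Review bot: The `postSetup` rule `-A FORWARD -i wg0 -o wg0 -j ACCEPT` accepts every protocol and port between every pair of peers, so a single compromised client can reach all the others; if only some peers or services need to talk, narrow it with `-s`/`-d` or `-p … --dport …` matches and replace `# Allow p2p traffic` with a comment naming the flows that are intended. Because the rule is appended with `-A`, it sits behind any earlier FORWARD rule and is added again whenever `postSetup` reruns without a clean shutdown; a guarded form such as `iptables -C FORWARD -i wg0 -o wg0 -j ACCEPT || iptables -A FORWARD -i wg0 -o wg0 -j ACCEPT` avoids duplicates. In `postShutdown`, `-D` exits non-zero when the rule is already gone, so `… -D FORWARD -i wg0 -o wg0 -j ACCEPT || true` keeps teardown from reporting a failure. The hunk's one deletion sits next to `inherit (cfg) privateKeyFile;`, so it is worth confirming that only a blank line was removed and the interface still gets its key file. The surrounding `config` block opens above the hunk, so whether forwarding is enabled or filtered elsewhere cannot be seen from here.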