ip declarations

2026-02-05 17:02:20 -06:00
parent c09268891e
commit afbffaa203
3 changed files with 75 additions and 74 deletions
--- a/modules/modules.nix
+++ b/modules/modules.nix
@@ -50,10 +50,13 @@ in
        miniserver = "192.168.1.100";
        workstation = "192.168.100.18";
        vps = "45.33.0.228";
+        wg-s = "10.77.0.0";
        wg-vps = "10.77.0.1";
        wg-server = "10.77.0.2";
-        wg-g1 = "10.9.0.2";
        wg-gs = "10.9.0.0";
+        wg-g0 = "10.9.0.1";
+        wg-g1 = "10.9.0.2";
+        wg-friend0 = "10.8.0.1";
        wg-friend1 = "10.8.0.2";
        wg-friend2 = "10.8.0.3";
        wg-friend3 = "10.8.0.4";
--- a/modules/services/wireguard.nix
+++ b/modules/services/wireguard.nix
@@ -5,7 +5,6 @@
 }:
 let
  port = 51820;
-  interface = config.my.interfaces.${config.networking.hostName};
 in
 {
  options.my.services.wireguard.enable = lib.mkEnableOption "WireGuard VPN configuration";
@@ -13,16 +12,11 @@ in
    sops.secrets."vps/server/private".sopsFile = ../../secrets/wireguard.yaml;
    networking = {
      firewall.allowedUDPPorts = [ port ];
-      nat = {
-        enable = true;
-        externalInterface = interface;
-        internalInterfaces = [ "wg0" ];
-      };
      wireguard.interfaces.wg0 = {
        ips = [
          "${config.my.ips.wg-vps}/24"
-          "10.8.0.1/24"
-          "10.9.0.1/24"
+          "${config.my.ips.wg-friend0}/24"
+          "${config.my.ips.wg-g0}/24"
        ];
        listenPort = port;
        postSetup = "";