James/eve-psr-nix0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Migrate from WG to TS/HS

Browse Source
This commit is contained in:
James Eversole
2025-04-21 15:47:20 -05:00
parent 041bba5aeb
commit 2034274ee0
9 changed files with 50 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
nix/system/network.nix
View File

@ -1,15 +1,16 @@
{ ... }: {
{ config, ... }: {
networking = {
hostName = "eve-psr-nix0";
firewall = {
allowedTCPPorts = [ 22 80 443 5000 23231 23232 23233 ];
allowedUDPPorts = [ 53 51820 ];
trustedInterfaces = [ "tun0" ];
};
nat = {
enable = true;
externalInterface = "enp1s0";
internalInterfaces = [ "tun0" "wg0" ];
allowedUDPPorts = [ 53 51820 config.services.tailscale.port ];
extraCommands = ''
iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o enp1s0 -j MASQUERADE
'';
extraStopCommands = ''
iptables -t nat -D POSTROUTING -s 100.64.0.0/10 -o enp1s0 -j MASQUERADE
'';
};
nat.enable = true;
};
}