From 0f9fd3f125a5714f899d77f5ec0f31efd5f6ba66 Mon Sep 17 00:00:00 2001
From: Dmitriy Pleshevskiy
Date: Thu, 2 Mar 2023 17:36:05 +0300
Subject: [PATCH] machines/wireguard: add some notes
---
 machines/modules/wireguard-client.nix | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/machines/modules/wireguard-client.nix b/machines/modules/wireguard-client.nix
index 81c5807..cd00201 100644
--- a/machines/modules/wireguard-client.nix
+++ b/machines/modules/wireguard-client.nix
@@ -6,6 +6,8 @@ let
 port = 51820;
 serverAddr = (import ../canigou/data.secret.nix).addr;
+
+ # Run `ip route` to show gateway
 defaultGateway = "192.168.0.1";
 in
 {
@@ -40,6 +42,8 @@ in
 # Path to the private key file.
 privateKeyFile = cfg.privateKeyFile;
+ # Add a more specific ip route allowing trafgfic to the VPN via the default gateway
+ # Source: https://discourse.nixos.org/t/route-all-traffic-through-wireguard-interface/1480/18
 postSetup = "${pkgs.iproute}/bin/ip route add ${serverAddr} via ${defaultGateway}";
 postShutdown = "${pkgs.iproute}/bin/ip route del ${serverAddr} via ${defaultGateway}";
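Review bot: The new comment above `defaultGateway` says how to look the value up but not that it belongs to one particular LAN, so the hard-coded `192.168.0.1` goes stale without warning when this host joins another network. Because `postSetup` in the second hunk uses it as the next hop for the WireGuard server route, a wrong value would presumably make that `ip route add` fail or send the endpoint route to a hop that does not exist. I would word the comment as `# LAN-specific: default gateway of the network this host is on (see "ip route show default")`. The `let` block starts before this hunk, so its other bindings are not visible here.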
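Review bot: The comment added above `postSetup` has a typo (`trafgfic`) and describes the route as "traffic to the VPN", whereas the command routes `serverAddr`, the WireGuard server endpoint, outside the tunnel. Suggested wording: `# Route the WireGuard endpoint itself via the LAN gateway so the encrypted packets are not sent back into the tunnel`. It is also worth one comment line noting that `serverAddr` is read from `data.secret.nix` yet interpolated into these command strings, which likely end up in the world-readable Nix store; confirm that is acceptable for this value. The enclosing attribute set starts and ends outside the hunk.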