machines/wireguard: add some notes
This commit is contained in:
parent
dcb2d428d7
commit
0f9fd3f125
1 changed files with 4 additions and 0 deletions
|
@ -6,6 +6,8 @@ let
|
||||||
port = 51820;
|
port = 51820;
|
||||||
|
|
||||||
serverAddr = (import ../canigou/data.secret.nix).addr;
|
serverAddr = (import ../canigou/data.secret.nix).addr;
|
||||||
|
|
||||||
|
# Run `ip route` to show gateway
|
||||||
defaultGateway = "192.168.0.1";
|
defaultGateway = "192.168.0.1";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -40,6 +42,8 @@ in
|
||||||
# Path to the private key file.
|
# Path to the private key file.
|
||||||
privateKeyFile = cfg.privateKeyFile;
|
privateKeyFile = cfg.privateKeyFile;
|
||||||
|
|
||||||
|
# Add a more specific ip route allowing trafgfic to the VPN via the default gateway
|
||||||
|
# Source: https://discourse.nixos.org/t/route-all-traffic-through-wireguard-interface/1480/18
|
||||||
postSetup = "${pkgs.iproute}/bin/ip route add ${serverAddr} via ${defaultGateway}";
|
postSetup = "${pkgs.iproute}/bin/ip route add ${serverAddr} via ${defaultGateway}";
|
||||||
postShutdown = "${pkgs.iproute}/bin/ip route del ${serverAddr} via ${defaultGateway}";
|
postShutdown = "${pkgs.iproute}/bin/ip route del ${serverAddr} via ${defaultGateway}";
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue