From d06e1faf3bde1d442ca10a148598237273d04a53 Mon Sep 17 00:00:00 2001
From: Dmitriy Pleshevskiy <dmitriy@pleshevski.ru>
Date: Wed, 12 Jun 2024 23:33:59 +0300
Subject: [PATCH] modules/wireguard: don't use wg with cache.nixos.org

---
 modules/nixos/services/vpn/wireguard/client.nix | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/modules/nixos/services/vpn/wireguard/client.nix b/modules/nixos/services/vpn/wireguard/client.nix
index 7274212..9be3134 100644
--- a/modules/nixos/services/vpn/wireguard/client.nix
+++ b/modules/nixos/services/vpn/wireguard/client.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, lib, pkgs, ... }:
 
 let
   cfg = config.local.services.vpn.wireguard;
@@ -43,6 +43,13 @@ in
         # Path to the private key file.
         privateKeyFile = cfg.privateKeyFile;
 
+        postUp = ''
+          addr=`${pkgs.iproute}/bin/ip route | ${pkgs.gawk}/bin/awk '/default/ {print $3; exit}'`
+          interface=`${pkgs.iproute}/bin/ip route | ${pkgs.gawk}/bin/awk '/default/ {print $5; exit}'`
+          # don't use wg with cache.nixos.org
+          ${pkgs.iproute}/bin/ip route add 151.101.86.217/32 via $addr dev $interface
+        '';
+
         peers = [
           # For a client configuration, one peer entry for the server will suffice.