fix(jeeves)!: open up wireguard
for DNS
requests
Port 53 is needed to pass DNS requests through. Also enable `NAT` for `wg0`.
parent
39a574e94a
commit
d9ce1c840b
1 changed files with 15 additions and 1 deletions
|
@ -22,7 +22,20 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.firewall.allowedUDPPorts = [ 51820 ];
|
# Enable NAT
|
||||||
|
networking.nat = {
|
||||||
|
enable = true;
|
||||||
|
enableIPv6 = true;
|
||||||
|
externalInterface = "eth0";
|
||||||
|
internalInterfaces = [ "wg0" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Open ports in the firewall
|
||||||
|
networking.firewall = {
|
||||||
|
allowedTCPPorts = [ 53 ];
|
||||||
|
allowedUDPPorts = [ 53 51820 ];
|
||||||
|
};
|
||||||
|
|
||||||
systemd.network = {
|
systemd.network = {
|
||||||
netdevs = {
|
netdevs = {
|
||||||
"50-wg0" = {
|
"50-wg0" = {
|
||||||
|
@ -85,6 +98,7 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
networks.wg0 = {
|
networks.wg0 = {
|
||||||
matchConfig.Name = "wg0";
|
matchConfig.Name = "wg0";
|
||||||
address = [ "10.100.0.1/24" ];
|
address = [ "10.100.0.1/24" ];
|
||||||
|
|
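Review bot: The new `networking.firewall` block in the first hunk opens TCP and UDP port 53 on every interface, including `eth0`, which the same hunk names as the NAT external interface; if a resolver listens on this host, it becomes reachable from the internet rather than only from WireGuard peers. Since the commit message says the port is needed for DNS through the tunnel, scope it to the tunnel interface: keep `allowedUDPPorts = [ 51820 ];` global and add `networking.firewall.interfaces.wg0 = { allowedTCPPorts = [ 53 ]; allowedUDPPorts = [ 53 ]; };`. If peers' queries are only forwarded to an upstream resolver via NAT rather than answered on this host, the input rule for 53 may not be needed at all, which is worth confirming. `enableIPv6 = true` is also set while the only `wg0` address visible here is IPv4 (`10.100.0.1/24`), so check whether IPv6 NAT is intended.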