fix(jeeves)!: open up wireguard for DNS requests

Port 53 is needed to pass DNS requests through
Also enable `NAT` for `wg0`
reo101 2024-07-20 22:44:39 +03:00
parent 39a574e94a
commit d9ce1c840b
Signed by: reo101
GPG key ID: 675AA7EF13964ACB


@ -22,7 +22,20 @@
};
};
networking.firewall.allowedUDPPorts = [ 51820 ];
# Enable NAT
networking.nat = {
enable = true;
enableIPv6 = true;
externalInterface = "eth0";
internalInterfaces = [ "wg0" ];
};
# Open ports in the firewall
networking.firewall = {
allowedTCPPorts = [ 53 ];
allowedUDPPorts = [ 53 51820 ];
};
systemd.network = {
netdevs = {
"50-wg0" = {
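Review bot: The new `networking.firewall` block opens TCP and UDP port 53 on every interface, including `eth0`, which the NAT block just above names as the external interface, so whatever resolver runs on this host becomes reachable from outside the tunnel. If DNS is only meant for WireGuard peers, scope the rule to the tunnel with `networking.firewall.interfaces.wg0 = { allowedTCPPorts = [ 53 ]; allowedUDPPorts = [ 53 ]; };` and keep only `51820` in the global `allowedUDPPorts`. The resolver's listen address and access rules are not visible here, so confirm it is bound to the `wg0` address (10.100.0.1 in the second hunk) and does not answer recursive queries from arbitrary sources. The enclosing attribute set starts and ends outside the hunk.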
@ -85,6 +98,7 @@
};
};
};
networks.wg0 = {
matchConfig.Name = "wg0";
address = [ "10.100.0.1/24" ];