mirror of https://github.com/oddlama/nix-config.git synced 2025-10-11 07:10:39 +02:00

fix: route the whole wireguard network when we are a client.

oddlama 2023-05-20 20:58:37 +02:00
parent f95bc0eb30
commit 43b2bd1982
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
2 changed files with 9 additions and 3 deletions


@ -219,8 +219,10 @@
wireguardPeerConfig = {
PublicKey = builtins.readFile (peerPublicKeyPath wgCfg.client.via);
PresharedKeyFile = config.rekey.secrets.${peerPresharedKeySecret nodeName wgCfg.client.via}.path;
# TODO this should be 0.0.0.0 if the client wants to route all traffic
AllowedIPs = serverAllowedIPs wgCfg.client.via;
# Access to the whole network is routed through our entry node.
# TODO this should add any routedAddresses on ANY server in the network, right?
# if A entries via B and only C can route 0.0.0.0/0, does that work?
AllowedIPs = networkCidrs;
};
}
];
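Review bot: The comment above `AllowedIPs = networkCidrs;` covers only the routing effect, but in WireGuard AllowedIPs is also the inbound source filter for the peer, so the client now accepts any source address inside the network CIDRs from the entry node rather than only what `serverAllowedIPs wgCfg.client.via` listed. The entry node therefore becomes trusted to relay for every other participant, and WireGuard no longer ties those addresses to a specific peer key on this link; this is worth stating next to the setting, e.g. `# NOTE: also widens the accepted source addresses for this peer to the whole network; the entry node is trusted to forward for all participants.` The same filter probably answers the remaining TODO: ranges outside `networkCidrs` (routed addresses behind another server, or 0.0.0.0/0) would not be sent to this peer and their replies would be dropped on receipt, so they would have to be added here. That depends on how `networkCidrs` is built, which is not visible in the hunk. The enclosing attribute set starts and ends outside the hunk.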