Created
September 10, 2019 16:52
-
-
Save sorki/3d5fa029320722afb6f2431f62829437 to your computer and use it in GitHub Desktop.
vg
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| networking.nat.enable = true; | |
| networking.nat.externalInterface = "venet0"; | |
| networking.nat.internalInterfaces = [ "wg0" ]; | |
| networking.firewall.allowedUDPPorts = [ 45666 ]; | |
| networking.firewall.extraCommands = '' | |
| iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -j MASQUERADE | |
| ''; | |
| networking.wireguard.interfaces = { | |
| # "wg0" is the network interface name. You can name the interface arbitrarily. | |
| wg0 = { | |
| # Determines the IP address and subnet of the server's end of the tunnel interface. | |
| ips = [ "10.100.0.1/24" ]; | |
| allowedIPsAsRoutes = false; | |
| # The port that Wireguard listens to. Must be accessible by the client. | |
| listenPort = 45666; | |
| privateKeyFile = ...; | |
| peers = [...]; | |
| }; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment