author | Kjetil Orbekk <kj@orbekk.com> | 2023-10-07 19:04:04 -0400 |
---|---|---|
committer | Kjetil Orbekk <kj@orbekk.com> | 2023-10-07 19:04:04 -0400 |
commit | 1b75f59d12531d1085158a03a459ccdcbdb46bd6 (patch) | |
tree | 1088625ec630d908aeb3d2bbc25a874a6e9a72e6 | |
parent | 64b402efae45e4ccd7cc24c0bf0682d8a4283026 (diff) |
fix
-rw-r--r-- | machines/dragon.nix | 9 | ||||
-rw-r--r-- | modules/router.nix | 5 |
2 files changed, 13 insertions, 1 deletions
diff --git a/machines/dragon.nix b/machines/dragon.nix
index f060dc0..34beb99 100644
--- a/machines/dragon.nix
+++ b/machines/dragon.nix
@@ -1,5 +1,7 @@
 { config, lib, pkgs, ... }:
-let duid = "00:01:00:01:21:a2:4e:a8:d0:bf:9c:45:a6:ec";
+let
+ duid = "00:01:00:01:21:a2:4e:a8:d0:bf:9c:45:a6:ec";
+ vpnPrefix = "2001:470:8e2e:1000";
 in {
 imports = [
 # ../config/router.nix
@@ -85,6 +87,11 @@ in {
 networking = { hostName = lib.mkForce "dragon"; };
 networking.firewall.enable = false;
 networking.interfaces.router-vport.useDHCP = true;
+ networking.interfaces.wg-vpnlan-vport = {
+ useDHCP = false;
+ ipv6.addresses = [{address = "${vpnPrefix}::d"; prefixLength = 128;}];
+ ipv6.routes = [{address = "${vpnPrefix}::"; prefixLength = 64; via = "${vpnPrefix}::1"; }];
+ };
 networking.resolvconf.useLocalResolver = false;
 networking.dhcpcd.enable = true;
 networking.dhcpcd.extraConfig = ''
diff --git a/modules/router.nix b/modules/router.nix
index 8ed2e76..a530645 100644
--- a/modules/router.nix
+++ b/modules/router.nix
@@ -26,6 +26,7 @@ let
 devices}
 ip link add router-vport type veth peer name dragon-vport netns router
 ip link add vpn-vport type veth peer name dragonvpn-vport netns router
+ ip link add wg-vpn-vport type veth peer name wg-vpnlan-vport netns router
 ip netns add vpn
 ip netns exec vpn ip link set lo up
@@ -51,6 +52,7 @@ let
 interfaces.wan-vport = { vlan = 10; type = "internal"; };
 interfaces.lan-vport = { vlan = 100; type = "internal"; };
 interfaces.vpnlan-vport = { vlan = 30; type = "internal"; };
+ interfaces.wg-vpnlan-vport = { vlan = 200; type = "internal"; };
 interfaces.servers-vport = { vlan = 20; type = "internal"; };
 interfaces.admin-vport = { vlan = 255; type = "internal"; };
 interfaces.dragon-vport = { vlan = 20; };
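Review bot: In machines/dragon.nix (hunk at -85,6) the new `networking.interfaces.wg-vpnlan-vport` block gives dragon a global-unicast IPv6 address (`${vpnPrefix}::d`) while the context line two above it still reads `networking.firewall.enable = false;`, so every service listening on dragon becomes reachable from the VPN segment with no host-level filtering. If filtering for this segment is meant to happen on the router, nothing in this commit shows it, and that assumption should be recorded next to the interface, e.g. `# no host firewall on dragon: wg-vpnlan traffic must be filtered in modules/router.nix`. Otherwise enable the firewall and open only what VPN clients need through `networking.firewall.interfaces.wg-vpnlan-vport.allowedTCPPorts`.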
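Review bot: In modules/router.nix (hunk at -26,6) the added `ip link add wg-vpn-vport type veth peer name wg-vpnlan-vport netns router` names the host end `wg-vpn-vport`, yet machines/dragon.nix configures `networking.interfaces.wg-vpnlan-vport`, which by this command is the peer that lives inside the router namespace. The hunk at -51,6 also declares `interfaces.wg-vpnlan-vport` as an `internal` port on VLAN 200, so the veth peer and the internal port appear to share one name, whereas the existing `router-vport`/`dragon-vport` pair keeps host end, peer and switch port distinct. As far as these hunks show, dragon's address and route may land on no interface at all, and a naming slip like this should be settled before VLAN 200 is relied on to separate VPN clients from the other segments. Following the existing pattern, a peer name such as `dragonwg-vport` with a non-internal `interfaces.dragonwg-vport = { vlan = 200; };` and `networking.interfaces.wg-vpn-vport` on dragon would keep the three names apart; the setup script and switch definition continue outside both hunks.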
@@ -79,6 +81,9 @@ let
 ipv4.addresses = [{address = "10.10.255.18"; prefixLength = 24;}];
 ipv4.routes = [{address = "10.10.255.0"; prefixLength = 24;}];
 };
+ networking.interfaces.wg-vpnlan-vport = {
+ ipv6.addresses = [{address = "${vpnPrefix}::1"; prefixLength = 128; }];
+ };
 networking.interfaces.vpnlan-vport = {
 ipv4.addresses = [{address = "172.20.30.1"; prefixLength = 24;}];
 ipv6.addresses = [{address = "2001:470:8e2e:30::1"; prefixLength = 64;}]; |
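Review bot: The added `ipv6.addresses = [{address = "${vpnPrefix}::1"; prefixLength = 128; }];` relies on `vpnPrefix`, which this commit defines only in the `let` of machines/dragon.nix; the `let` block of modules/router.nix lies outside the hunk, so confirm the name is bound there, otherwise evaluation fails on an undefined variable. Keeping the prefix in two files also lets the router and dragon drift apart silently, so a single definition shared by both (a module option or a common attribute) would be safer. Unlike the neighbouring `vpnlan-vport` block, which uses a /64, this interface gets a /128 and no `ipv6.routes`, so the router has no on-link route for the segment unless one is installed elsewhere. A comment such as `# /128 on purpose: routes into ${vpnPrefix}::/64 come from <where>` would make that intent checkable.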