diff options
author | Kjetil Orbekk <kj@orbekk.com> | 2022-05-31 08:25:28 -0400 |
---|---|---|
committer | Kjetil Orbekk <kj@orbekk.com> | 2022-05-31 08:25:28 -0400 |
commit | d3049557ffc13afd866338581442f8117be120ae (patch) | |
tree | 2e2b7355a36d5dc78cfa16e015e1dee4b822b8bd /modules/vpn.nix | |
parent | 7cea6e0369f0828c16f0261af9f57e076dfc6e42 (diff) |
Update vpn
Diffstat (limited to 'modules/vpn.nix')
-rw-r--r-- | modules/vpn.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/modules/vpn.nix b/modules/vpn.nix index c50d773..ff47c0a 100644 --- a/modules/vpn.nix +++ b/modules/vpn.nix @@ -6,7 +6,7 @@ let vpn-prefix = "2001:470:8e2e:1000"; mkConfig = host: ip: { - ips = [ "${vpn-prefix}::${ip}/64" ]; + ips = [ "${vpn-prefix}::${ip}/128" ]; publicKey = (builtins.readFile ../secrets/${host}-wireguard-key.pub); endpoint = null; relay = false; @@ -27,7 +27,7 @@ let mkPeer = hostConfig: { inherit (hostConfig) publicKey endpoint; - allowedIPs = hostConfig.ips ++ (lib.optionals (hostConfig.relay && !cfg.is_server) [ "0.0.0.0/0" "::/0" ]); + allowedIPs = hostConfig.ips; # ++ (lib.optionals (hostConfig.relay && !cfg.is_server) [ "0.0.0.0/0" "::/0" ]); }; getPeers = host: |