-rw-r--r-- | modules/router.nix | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/modules/router.nix b/modules/router.nix index a5ab637..28d2d23 100644 --- a/modules/router.nix +++ b/modules/router.nix @@ -9,6 +9,7 @@ let mullvadPort = config.orbekk.mullvad.listenPort; vpnPort = config.orbekk.vpn.listenPort; + vpnPrefx = "2001:470:8e2e:1000"; router-netns-up = pkgs.writeScript "router-netns-up" '' #!${pkgs.bash}/bin/bash @@ -91,6 +92,16 @@ let }]; systemd.services.he0-netdev.after = ["kjlan-netdev.service"]; + networking.wireguard = { + enable = true; + interfaces.wg-vpn = { + ips = [ "${vpnPrefix}::d"/128 ]; + privateKeyFile = config.age.secrets.dragon-wireguard-key.path; + allowedIPs = [ "${vpnPrefix}::/64" ]; + listenPort = vpnPort; + }; + }; + networking.iproute2.enable = true; networking.iproute2.rttablesExtraConfig = '' ${toString mullvadMark} mullvad |
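Review bot: The binding added in the first hunk is spelled `vpnPrefx`, but the second hunk interpolates `${vpnPrefix}` in both `ips` and `allowedIPs`. Unless `vpnPrefix` is defined somewhere outside the visible lines, the module will fail to evaluate with an undefined variable. The binding should be renamed to `vpnPrefix = "2001:470:8e2e:1000";`. The enclosing `let` block starts and ends outside the hunk.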
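Review bot: In `ips = [ "${vpnPrefix}::d"/128 ];` the `/128` sits outside the closing quote, so the prefix length is not part of the address string; it should read `ips = [ "${vpnPrefix}::d/128" ];`. `allowedIPs` is set directly on `interfaces.wg-vpn`, but in the NixOS WireGuard module it is a per-peer option under `peers`, where it limits which source addresses a given peer key may send from. No `peers` list is defined in this hunk, so as written the interface would have no one able to connect. When peers are added, give each one its own narrow `allowedIPs` (for example a single `/128`) rather than the whole `${vpnPrefix}::/64`, so one peer cannot source traffic as another. Keeping the key in `privateKeyFile` via the age secret is good; whether `vpnPort` is opened in the firewall is not visible here and is worth checking.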