diff options
| -rw-r--r-- | modules/router.nix | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/modules/router.nix b/modules/router.nix index 6d952df..0832005 100644 --- a/modules/router.nix +++ b/modules/router.nix @@ -92,15 +92,6 @@ let }]; systemd.services.he0-netdev.after = ["kjlan-netdev.service"]; - networking.wireguard = { - enable = true; - interfaces.wg-vpn = { - ips = [ "${vpnPrefix}::d"/128 ]; - privateKeyFile = config.age.secrets.dragon-wireguard-key.path; - listenPort = vpnPort; - }; - }; - networking.iproute2.enable = true; networking.iproute2.rttablesExtraConfig = '' ${toString mullvadMark} mullvad @@ -327,6 +318,17 @@ in { additionalCapabilities = ["CAP_NET_ADMIN"]; }; + networking.wireguard = { + enable = true; + interfaces.wg-vpn = { + socketNamespace = "router"; + interfaceNamespace = "router"; + ips = [ "${vpnPrefix}::d"/128 ]; + privateKeyFile = config.age.secrets.dragon-wireguard-key.path; + listenPort = vpnPort; + }; + }; + services.ddclient = { enable = true; configFile = "/opt/secret/he-ddclient.conf"; |