From 156f13bc5d3358c2010d53973260da0f610d3cc4 Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk <kj@orbekk.com>
Date: Tue, 31 May 2022 06:24:05 -0400
Subject: Update vpn

---
 config/router.nix | 2 +-
 modules/vpn.nix   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/config/router.nix b/config/router.nix
index 28d0f30..689f9b2 100644
--- a/config/router.nix
+++ b/config/router.nix
@@ -4,7 +4,7 @@ let
   lan-dev = "bond0";
   # config.orbekk.nycmesh.listenPort
   wireguardPorts =
-    [ config.orbekk.mullvad.listenPort ];
+    [ config.orbekk.mullvad.listenPort config.orbekk.vpn.listenPort ];
   mullvadMark = 30;
   # nycmeshMark = 32;
   aliases = import ../data/aliases.nix;
diff --git a/modules/vpn.nix b/modules/vpn.nix
index f232e14..f3918be 100644
--- a/modules/vpn.nix
+++ b/modules/vpn.nix
@@ -27,7 +27,7 @@ let
 
   mkPeer = hostConfig: {
     inherit (hostConfig) publicKey endpoint;
-    allowedIPs = (lib.optionals (!hostConfig.server) [ "0.0.0.0/0" "::/0" ]);
+    allowedIPs = (lib.optionals (!hostConfig.server && !cfg.is_server) [ "0.0.0.0/0" "::/0" ]);
   };
 
   getPeers = host:
-- 
cgit v1.2.3