From 1b75f59d12531d1085158a03a459ccdcbdb46bd6 Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk
Date: Sat, 7 Oct 2023 19:04:04 -0400
Subject: fix
---
 machines/dragon.nix | 9 ++++++++-
 modules/router.nix | 5 +++++
 2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/machines/dragon.nix b/machines/dragon.nix
index f060dc0..34beb99 100644
--- a/machines/dragon.nix
+++ b/machines/dragon.nix
@@ -1,5 +1,7 @@
 { config, lib, pkgs, ... }:
-let duid = "00:01:00:01:21:a2:4e:a8:d0:bf:9c:45:a6:ec";
+let
+ duid = "00:01:00:01:21:a2:4e:a8:d0:bf:9c:45:a6:ec";
+ vpnPrefix = "2001:470:8e2e:1000";
 in {
 imports = [
 # ../config/router.nix
@@ -85,6 +87,11 @@ in {
 networking = { hostName = lib.mkForce "dragon"; };
 networking.firewall.enable = false;
 networking.interfaces.router-vport.useDHCP = true;
+ networking.interfaces.wg-vpnlan-vport = {
+ useDHCP = false;
+ ipv6.addresses = [{address = "${vpnPrefix}::d"; prefixLength = 128;}];
+ ipv6.routes = [{address = "${vpnPrefix}::"; prefixLength = 64; via = "${vpnPrefix}::1"; }];
+ };
 networking.resolvconf.useLocalResolver = false;
 networking.dhcpcd.enable = true;
 networking.dhcpcd.extraConfig = ''
diff --git a/modules/router.nix b/modules/router.nix
index 8ed2e76..a530645 100644
--- a/modules/router.nix
+++ b/modules/router.nix
@@ -26,6 +26,7 @@ let
 devices}
 ip link add router-vport type veth peer name dragon-vport netns router
 ip link add vpn-vport type veth peer name dragonvpn-vport netns router
+ ip link add wg-vpn-vport type veth peer name wg-vpnlan-vport netns router
 ip netns add vpn
 ip netns exec vpn ip link set lo up 
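Review bot: In machines/dragon.nix (hunk `@@ -85,6 +87,11 @@`) the new `networking.interfaces.wg-vpnlan-vport` block puts a globally routable IPv6 address on the host while `networking.firewall.enable = false;` is in force two lines above, so every service listening on dragon is reachable from the VPN segment unless the router filters it. If the router is the intended enforcement point, record that beside the block with a comment such as `# host firewall is off: filtering for the VPN prefix happens in modules/router.nix`; otherwise enable the firewall and open only the needed ports through `networking.firewall.interfaces."wg-vpnlan-vport".allowedTCPPorts`. The address is also a /128 while the /64 route goes `via = "${vpnPrefix}::1"`, a next hop that is not on-link from that address, so it is worth checking that the route actually installs. The enclosing attribute set starts and ends outside the hunk.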
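Review bot: In modules/router.nix (hunk `@@ -26,6 +26,7 @@`) the added `ip link add wg-vpn-vport type veth peer name wg-vpnlan-vport netns router` gives the router-side veth end the name `wg-vpnlan-vport`, which the hunk at `@@ -51,6 +52,7 @@` also declares as an `internal` port on VLAN 200, and it leaves the host end named `wg-vpn-vport` although machines/dragon.nix configures `networking.interfaces.wg-vpnlan-vport`. The existing pairs keep three distinct names (`router-vport` on the host, `dragon-vport` as the tagged bridge port, `vpnlan-vport` as an internal port), so as written the internal port probably collides with the veth end and the host-side address may be assigned to an interface that does not exist on dragon. A consistent layout would be something like `ip link add wg-vport type veth peer name dragonwg-vport netns router` plus `interfaces.dragonwg-vport = { vlan = 200; };`, with dragon.nix configuring `wg-vport`; these names are only examples. A port that fails to attach also means VLAN 200 is not carrying the traffic it is meant to isolate, so a comment on the `ip link add` line naming both ends and their VLAN would help; the script continues outside the hunk.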
@@ -51,6 +52,7 @@ let
 interfaces.wan-vport = { vlan = 10; type = "internal"; };
 interfaces.lan-vport = { vlan = 100; type = "internal"; };
 interfaces.vpnlan-vport = { vlan = 30; type = "internal"; };
+ interfaces.wg-vpnlan-vport = { vlan = 200; type = "internal"; };
 interfaces.servers-vport = { vlan = 20; type = "internal"; };
 interfaces.admin-vport = { vlan = 255; type = "internal"; };
 interfaces.dragon-vport = { vlan = 20; };
@@ -79,6 +81,9 @@ let
 ipv4.addresses = [{address = "10.10.255.18"; prefixLength = 24;}];
 ipv4.routes = [{address = "10.10.255.0"; prefixLength = 24;}];
 };
+ networking.interfaces.wg-vpnlan-vport = {
+ ipv6.addresses = [{address = "${vpnPrefix}::1"; prefixLength = 128; }];
+ };
 networking.interfaces.vpnlan-vport = {
 ipv4.addresses = [{address = "172.20.30.1"; prefixLength = 24;}];
 ipv6.addresses = [{address = "2001:470:8e2e:30::1"; prefixLength = 64;}];
-- 
cgit v1.2.3
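Review bot: In modules/router.nix (hunk `@@ -79,6 +81,9 @@`) the new address interpolates `${vpnPrefix}`, but the only definition this commit adds is in the `let` of machines/dragon.nix, which is not in scope here; unless router.nix already binds the name outside the visible lines, evaluation fails with an undefined variable. Add `vpnPrefix = "2001:470:8e2e:1000";` to this file's `let`, or move the prefix into one shared option so the two files cannot drift apart. The router side is also a /128 with no `ipv6.routes` entry, unlike `vpnlan-vport` just below, which uses `prefixLength = 64`, so the router may have no on-link route towards `::d`; `prefixLength = 64` here would match the neighbouring interface. The surrounding `let` body starts and ends outside the hunk.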