diff options
| author | makefu <github@syntax-fehler.de> | 2018-01-06 23:44:03 +0100 |
|---|---|---|
| committer | makefu <github@syntax-fehler.de> | 2018-01-06 23:44:03 +0100 |
| commit | 17883f68dd0ddcb9813add65559bcc95009148fc (patch) | |
| tree | 7235109986615fca8f0d619721e8a26ea2390604 /makefu/1systems/vbob | |
| parent | 3aaab59b7f2eaa635106826bd4a4229a0a7a794c (diff) | |
ma vbob.r: set route after network online
Diffstat (limited to 'makefu/1systems/vbob')
| -rw-r--r-- | makefu/1systems/vbob/config.nix | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix index d4b80c90..ffd9deae 100644 --- a/makefu/1systems/vbob/config.nix +++ b/makefu/1systems/vbob/config.nix @@ -52,24 +52,21 @@ <stockholm/makefu/2configs/tinc/retiolum.nix> (let gum-ip = config.krebs.hosts.gum.nets.internet.ip4.addr; - Gateway = "10.0.2.2"; + gateway = "10.0.2.2"; in { - networking.localCommands = '' - ip route add ${gum-ip} via ${Gateway} - ''; - + # make sure the route to gum gets added after the network is online + systemd.services.wireguard-wg0.after = [ "network-online.target" ]; networking.wireguard.interfaces.wg0 = { ips = [ "10.244.0.3/24" ]; privateKeyFile = (toString <secrets>) + "/wireguard.key"; - allowedIPsAsRoutes = true; # explicit route via eth0 to gum + preSetup = ["${pkgs.iproute}/bin/ip route add ${gum-ip} via ${gateway}"]; peers = [ - { - # gum + { # gum endpoint = "${gum-ip}:51820"; - # allowedIPs = [ "10.244.0.0/24" ]; - allowedIPs = [ "0.0.0.0/0" ]; + allowedIPs = [ "0.0.0.0/0" "10.244.0.0/24" ]; publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo="; + persistentKeepalive = 25; } ]; }; |