further refined and documents issues with wire guard config
parent
7b9d1ee390
commit
b7a4f63ddd
1 changed files with 18 additions and 19 deletions
|
@ -120,12 +120,6 @@
|
||||||
systemd.network = {
|
systemd.network = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
# config = {
|
|
||||||
# routeTables = {
|
|
||||||
# p2p = 1;
|
|
||||||
# };
|
|
||||||
# };
|
|
||||||
|
|
||||||
netdevs = {
|
netdevs = {
|
||||||
"10-bond0" = {
|
"10-bond0" = {
|
||||||
netdevConfig = {
|
netdevConfig = {
|
||||||
|
@ -138,23 +132,20 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# "15-p2p0" = {
|
# "20-wg0" = {
|
||||||
# netdevConfig = {
|
# netdevConfig = {
|
||||||
# Kind = "wireguard";
|
# Kind = "wireguard";
|
||||||
# Name = "p2p0";
|
# Name = "wg0";
|
||||||
# MTUBytes = "1280";
|
|
||||||
# };
|
# };
|
||||||
# wireguardConfig = {
|
# wireguardConfig = {
|
||||||
# PrivateKeyFile = config.sops.secrets."vpn-keys/proton-wireguard/defiant-p2p".path;
|
# PrivateKeyFile = config.sops.secrets."vpn-keys/proton-wireguard/defiant-p2p".path;
|
||||||
# ListenPort = 51820;
|
# ListenPort = 51820;
|
||||||
# # RouteTable = "p2p";
|
|
||||||
# };
|
# };
|
||||||
# wireguardPeers = [
|
# wireguardPeers = [
|
||||||
# {
|
# {
|
||||||
# PublicKey = "rRO6yJim++Ezz6scCLMaizI+taDjU1pzR2nfW6qKbW0=";
|
# PublicKey = "rRO6yJim++Ezz6scCLMaizI+taDjU1pzR2nfW6qKbW0=";
|
||||||
# Endpoint = "185.230.126.146:51820";
|
# Endpoint = "185.230.126.146:51820";
|
||||||
# AllowedIPs = ["0.0.0.0/0"];
|
# AllowedIPs = ["0.0.0.0/0"];
|
||||||
# RouteTable = "off";
|
|
||||||
# }
|
# }
|
||||||
# ];
|
# ];
|
||||||
# };
|
# };
|
||||||
|
@ -176,17 +167,25 @@
|
||||||
dns = ["192.168.1.1"];
|
dns = ["192.168.1.1"];
|
||||||
};
|
};
|
||||||
|
|
||||||
# "45-p2p0" = {
|
# For some reason this isn't working. It looks like traffic goes out and comes back but doesn't get correctly routed back to the wg interface on the return trip
|
||||||
# matchConfig.Name = "p2p0";
|
# debugging steps:
|
||||||
|
# try sending data on the interface `ping -I wg0 8.8.8.8`
|
||||||
|
# view all traffic on the interface `sudo tshark -i wg0`
|
||||||
|
# see what applications are listening to port 14666 (thats what we currently have qbittorent set up to use) `ss -tuln | grep 14666`
|
||||||
|
# "50-wg0" = {
|
||||||
|
# matchConfig.Name = "wg0";
|
||||||
|
# networkConfig = {
|
||||||
|
# DHCP = "no";
|
||||||
|
# };
|
||||||
# address = [
|
# address = [
|
||||||
# "10.2.0.2/32"
|
# "10.2.0.2/32"
|
||||||
# ];
|
# ];
|
||||||
# routes = [
|
# # routes = [
|
||||||
# {
|
# # {
|
||||||
# Destination = "0.0.0.0/0";
|
# # Destination = "10.2.0.2/32";
|
||||||
# }
|
# # Gateway = "10.2.0.1";
|
||||||
# ];
|
# # }
|
||||||
# linkConfig.RequiredForOnline = false;
|
# # ];
|
||||||
# };
|
# };
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
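Review bot: The debugging comment above the commented-out `"50-wg0"` network records the symptom (replies come back on wg0 but are not delivered) without a likely cause, and this commit also removes the only routing pieces the block had: the `routeTables` entry and the `0.0.0.0/0` route. With `AllowedIPs = ["0.0.0.0/0"]` and no `RouteTable` on the netdev, networkd installs no route via wg0. Replies to interface-bound sockets therefore arrive on a link the main table would not use for that source, which a strict reverse-path filter would drop; the firewall settings are not visible here, so this is an inference. I would add a line such as `# possible cause: reverse-path filtering, check networking.firewall.checkReversePath before re-enabling` and change the last step to `ss -tulnp`, since `-tuln` lists the listening sockets but not the owning process. If qBittorrent is meant to reach the network only through the VPN, the comment should also say that nothing visible here stops it from using bond0 while wg0 stays disabled.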