clara/nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

wireguard

Browse source
This commit is contained in:
CDaut 2024-08-20 19:26:30 +02:00
parent 40a16d033c
commit c52ef025d7
Signed by: clara
GPG key ID: 223391B52FAD4463
2 changed files with 16 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

15
configuration.nix
View file

@ -304,6 +304,21 @@
}; };
}; };
# wireguard
networking.firewall = {
# if packets are still dropped, they will show up in dmesg
logReversePathDrops = true;
# wireguard trips rpfilter up
extraCommands = ''
ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN
ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN
'';
extraStopCommands = ''
ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN || true
ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true
'';
};
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions # settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave # on your system were taken. Its perfectly fine and recommended to leave

1
home.nix
View file

@ -86,6 +86,7 @@ let username = "clara"; in
vdhcoapp vdhcoapp
inkscape inkscape
prusa-slicer prusa-slicer
light
] ++ (if x11mode then [ ] ++ (if x11mode then [
arandr arandr
flameshot flameshot