fix: give wireguard client and server different IPs

2023-10-20 00:47:11 +02:00 · 2023-10-20 00:47:11 +02:00 · ab7ae9ba8a
parent be380f2c01
commit ab7ae9ba8a
2 changed files with 6 additions and 6 deletions
--- a/hosts/pie/wireguard.nix
+++ b/hosts/pie/wireguard.nix
@ -11,15 +11,15 @@
    enableIPv6 = true;
    internalInterfaces = [ "wg-server" ];
  };
-  networking.firewall.allowedUDPPorts = [ 51899 ];
+  networking.firewall.allowedUDPPorts = [ 51898 ];

  # Enable WireGuard
  networking.wg-quick.interfaces = {
    wg-server = {
-      listenPort = 51899;
+      listenPort = 51898;
      address = [
-        "10.0.1.2/32"
-        "fd00:acab:1312:acab:2::/128"
+        "10.0.1.0/32"
+        "fd00:acab:1312:acab::/128"
      ];
      dns = [
        "10.0.1.2"
--- a/modules/wireguard-client/default.nix
+++ b/modules/wireguard-client/default.nix
@ -29,7 +29,7 @@ in {

    networking.wg-quick.interfaces = {
      wg0 = {
-        listenPort = 51898;
+        listenPort = 51899;
        address = cfg.ownIPs;
        dns = [
          "10.0.1.2"
@ -44,7 +44,7 @@ in {
              "10.0.1.0/32"
              "fd00:acab:1312:acab:0::/128"
            ];
-            endpoint = "[2a02:908:5b1:e3c0:3077:4e39:7763:2]:51899";
+            endpoint = "[2a02:908:5b1:e3c0:3077:4e39:7763:2]:51898";
            persistentKeepalive = 25;
          }
        ];