diff --git a/clhickey-nixos/configuration.nix b/clhickey-nixos/configuration.nix
index 1d3027e..566f8e3 100644
--- a/clhickey-nixos/configuration.nix
+++ b/clhickey-nixos/configuration.nix
@@ -203,6 +203,7 @@
 dig
 ncdu
 servo
+ tcpdump
 ];
 sessionVariables = {
 EDITOR = "${inputs.cnvim.packages.x86_64-linux.default}/bin/nvim";
diff --git a/wireguard.nix b/wireguard.nix
index 89308ff..be0c2aa 100644
--- a/wireguard.nix
+++ b/wireguard.nix
@@ -22,6 +22,9 @@ in
 type = lib.types.str;
 default = "${cfg.baseIP}.${builtins.toString cfg.clientPubOptionsMap.${host}.clientNumber}";
 };
+ ipv6 = lib.mkOption {
+ default = "${cfg.baseIPv6}${builtins.toString cfg.clientPubOptionsMap.${host}.clientNumber}";
+ };
 port = lib.mkOption {
 type = lib.types.port;
 default = 51820;
@@ -39,10 +42,18 @@ in
 type = lib.types.str;
 default = "10.100.0";
 };
+ baseIPv6 = lib.mkOption {
+ type = lib.types.str;
+ default = "fc10::";
+ };
 clientInternalIP = lib.mkOption {
 type = lib.types.str;
 default = cfg.clientPubOptionsMap.${config.cos.hostName}.ip;
 };
+ clientInternalIPv6 = lib.mkOption {
+ type = lib.types.str;
+ default = cfg.clientPubOptionsMap.${config.cos.hostName}.ipv6;
+ };
 clientInternalPort = lib.mkOption {
 type = lib.types.port;
 default = cfg.clientPubOptionsMap.${config.cos.hostName}.port;
@@ -74,7 +85,7 @@ in
 enable = true;
 interfaces = {
 ${cfg.interface} = {
- ips = [ "${cfg.clientInternalIP}/24" ];
+ ips = [ "${cfg.clientInternalIP}/32" "${cfg.clientInternalIPv6}/128" ];
 listenPort = cfg.clientInternalPort;
 privateKeyFile = cfg.privateKeyFile;
@@ -82,7 +93,10 @@ in
 peers = [
 {
 publicKey = cfg.clientPubOptionsMap.loadedskypotato.publicKey;
- allowedIPs = [ "${cfg.baseIP}.0/24" ];
+ allowedIPs = [
+ "${cfg.baseIP}.0/24"
+ "${cfg.baseIPv6}/64"
+ ];
 endpoint = "${config.cos.knownPublicIPs.loadedskypotato}:${builtins.toString cfg.clientPubOptionsMap.loadedskypotato.port}";
 persistentKeepalive = 25;
 }
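Review bot: The new `ipv6` option in wireguard.nix (hunk at -22) is declared without a `type`, unlike the `ip` option directly above it and `clientInternalIPv6`, which reads it as `lib.types.str`; add `type = lib.types.str;` so a non-string override is rejected at evaluation time. The default also splices the decimal `clientNumber` straight after `baseIPv6`, so it only yields a valid address while `baseIPv6` ends in `::` and the number has at most four digits. The digits are then parsed as hex, so client 10 becomes `fc10::10`, i.e. 0x10. The same trailing-`::` assumption is repeated by `"${cfg.baseIPv6}/64"` in the hunk at -82, so a comment on `baseIPv6` stating it would cover both. The enclosing submodule starts and ends outside the hunk.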
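Review bot: The `baseIPv6` default `"fc10::"` in wireguard.nix (hunk at -39) falls in fc00::/8, the half of the unique-local range that RFC 4193 leaves undefined; locally assigned prefixes are meant to come from fd00::/8 with a randomly generated 40-bit global ID. A short, guessable prefix is also the kind most likely to overlap with another VPN or lab network that this host later joins, which would make routing and the peer's source filtering ambiguous. Consider a default of the form `"fdXX:XXXX:XXXX::"` (placeholder; generate the 40 bits once and keep them), which still works with the `/64` used in the peer's `allowedIPs`.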
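Review bot: The `ips` line in wireguard.nix (hunk at -74) narrows the IPv4 address from `/24` to `/32` in the same change that adds IPv6, and nothing on the page says why. With host-length prefixes the interface no longer has an on-link route for the tunnel network, so reaching other clients depends entirely on the peer's `allowedIPs` (hunk at -82) being installed as routes. If this block sits under `networking.wireguard` that is the default behaviour (`allowedIPsAsRoutes`), but the enclosing attribute is outside the hunk, so confirm. A comment above the line would record the intent, e.g. `# host-length prefixes: tunnel routes come from the peer's allowedIPs, not from the interface address`.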