make systemd networkd config closer to upstream
This commit is contained in:
parent
bbce0b8d4e
commit
065278ec78
|
@ -7,7 +7,7 @@
|
||||||
# Main interface
|
# Main interface
|
||||||
# https://nixos.wiki/wiki/Install_NixOS_on_Hetzner_Cloud
|
# https://nixos.wiki/wiki/Install_NixOS_on_Hetzner_Cloud
|
||||||
networks."10-lan" = {
|
networks."10-lan" = {
|
||||||
name = "enp1s0";
|
matchConfig.Name = "enp1s0";
|
||||||
address = [
|
address = [
|
||||||
"116.203.179.206/32"
|
"116.203.179.206/32"
|
||||||
"2a01:4f8:c2c:71c0::/64"
|
"2a01:4f8:c2c:71c0::/64"
|
||||||
|
@ -53,14 +53,14 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
networks."wg-sigma-public" = {
|
networks."50-wg-sigma-public" = {
|
||||||
name = "wg-sigma-public";
|
matchConfig.Name = "wg-sigma-public";
|
||||||
};
|
};
|
||||||
|
|
||||||
# The following routes traffic destined for the sigma-p2p address (floating
|
# The following routes traffic destined for the sigma-p2p address (floating
|
||||||
# IP) to sigma through wireguard. This allows the server to have a public
|
# IP) to sigma through wireguard. This allows the server to have a public
|
||||||
# address and help others sail the high seas even though it is behind NAT.
|
# address and help others sail the high seas even though it is behind NAT.
|
||||||
netdevs."51-wg-sigma-p2p" = {
|
netdevs."50-wg-sigma-p2p" = {
|
||||||
netdevConfig = {
|
netdevConfig = {
|
||||||
Name = "wg-sigma-p2p";
|
Name = "wg-sigma-p2p";
|
||||||
Kind = "wireguard";
|
Kind = "wireguard";
|
||||||
|
@ -80,8 +80,8 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
networks."wg-sigma-p2p" = {
|
networks."50-wg-sigma-p2p" = {
|
||||||
name = "wg-sigma-p2p";
|
matchConfig.Name = "wg-sigma-p2p";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
# Main interface
|
# Main interface
|
||||||
# https://nixos.wiki/wiki/Install_NixOS_on_Hetzner_Cloud
|
# https://nixos.wiki/wiki/Install_NixOS_on_Hetzner_Cloud
|
||||||
networks."10-lan" = {
|
networks."10-lan" = {
|
||||||
name = "enp1s0";
|
matchConfig.Name = "enp1s0";
|
||||||
address = [
|
address = [
|
||||||
"159.69.4.2/32"
|
"159.69.4.2/32"
|
||||||
"2a01:4f8:1c0c:70d1::1/64"
|
"2a01:4f8:1c0c:70d1::1/64"
|
||||||
|
|
|
@ -46,8 +46,8 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
networks."wg-sigma-public" = {
|
networks."50-wg-sigma-public" = {
|
||||||
name = "wg-sigma-public";
|
matchConfig.Name = "wg-sigma-public";
|
||||||
address = ["49.13.33.75/32"];
|
address = ["49.13.33.75/32"];
|
||||||
routingPolicyRules = [
|
routingPolicyRules = [
|
||||||
{
|
{
|
||||||
|
@ -86,7 +86,7 @@
|
||||||
# receiving traffic destined for the sigma-p2p address. This allows the
|
# receiving traffic destined for the sigma-p2p address. This allows the
|
||||||
# server to have a public address and help others sail the high seas even
|
# server to have a public address and help others sail the high seas even
|
||||||
# though it is behind NAT.
|
# though it is behind NAT.
|
||||||
netdevs."51-wg-sigma-p2p" = {
|
netdevs."50-wg-sigma-p2p" = {
|
||||||
netdevConfig = {
|
netdevConfig = {
|
||||||
Name = "wg-sigma-p2p";
|
Name = "wg-sigma-p2p";
|
||||||
Kind = "wireguard";
|
Kind = "wireguard";
|
||||||
|
@ -107,8 +107,8 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
networks."wg-sigma-p2p" = {
|
networks."50-wg-sigma-p2p" = {
|
||||||
name = "wg-sigma-p2p";
|
matchConfig.Name = "wg-sigma-p2p";
|
||||||
address = ["${secrets.hosts.sigma.sigma-p2p-ip-address}/32"];
|
address = ["${secrets.hosts.sigma.sigma-p2p-ip-address}/32"];
|
||||||
routingPolicyRules = [
|
routingPolicyRules = [
|
||||||
{
|
{
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
networks."10-lan" = {
|
networks."10-lan" = {
|
||||||
# IPv4 settings are from `sudo dhcpcd --test`.
|
# IPv4 settings are from `sudo dhcpcd --test`.
|
||||||
# IPv6 settings are from https://www.ssdvps.dk/knowledgebase/18/IPv6-Gateway.html.
|
# IPv6 settings are from https://www.ssdvps.dk/knowledgebase/18/IPv6-Gateway.html.
|
||||||
name = "ens3";
|
matchConfig.Name = "ens3";
|
||||||
address = [
|
address = [
|
||||||
"91.210.59.57/25"
|
"91.210.59.57/25"
|
||||||
"2a0d:3e83:1:b284::1/64"
|
"2a0d:3e83:1:b284::1/64"
|
||||||
|
|
Loading…
Reference in a new issue