sigma: allow local network access to public address

2024-05-07 00:40:13 +02:00 · 2024-05-07 00:40:13 +02:00 · 4229d33150
parent f8fc9db0b2
commit 4229d33150
1 changed files with 10 additions and 0 deletions
--- a/hosts/sigma/network.nix
+++ b/hosts/sigma/network.nix
@ -57,6 +57,16 @@
            Table = "wg-sigma-public";
          };
        }
+        {
+          # Allow hosts on the local network to contact us directly on the
+          # public address instead of routing the packet through Wireguard and
+          # back again.
+          routingPolicyRuleConfig = {
+            From = "49.13.33.75/32";
+            To = "192.168.0.0/24";
+            Table = "main";
+          };
+        }
        {
          # The postfix systemd service has
          # RestrictNetworkInterfaces=wg-sigma-public, but that does not tell