caspervk/nixos
1
0
Fork 0
Code Actions Activity

sigma: allow local network access to public address

Browse source
This commit is contained in:
Casper V. Kristensen 2024-05-07 00:40:13 +02:00
parent f8fc9db0b2
commit 4229d33150
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
hosts/sigma/network.nix
View file

@ -57,6 +57,16 @@
Table = "wg-sigma-public"; Table = "wg-sigma-public";
}; };
} }
{
# Allow hosts on the local network to contact us directly on the
# public address instead of routing the packet through Wireguard and
# back again.
routingPolicyRuleConfig = {
From = "49.13.33.75/32";
To = "192.168.0.0/24";
Table = "main";
};
}
{ {
# The postfix systemd service has # The postfix systemd service has
# RestrictNetworkInterfaces=wg-sigma-public, but that does not tell # RestrictNetworkInterfaces=wg-sigma-public, but that does not tell