Commit `9c134189e523`

Vincent Demeester <vincent@sbr.pm>

2021-07-12 10:59:07

wireguard: no more need to add the module

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

main

1 parent f284be0

Changed files (1)

systems

modules

profiles

wireguard.server.nix

@@ -17,7 +17,7 @@ in
     };
   };
   config = mkIf cfg.enable {
-    boot.extraModulePackages = [ config.boot.kernelPackages.wireguard ];
+    # boot.extraModulePackages = [ config.boot.kernelPackages.wireguard ];
     environment.systemPackages = [ pkgs.wireguard ];
     boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
     networking.firewall.extraCommands = ''
@@ -25,6 +25,7 @@ in
     '';
     networking.firewall.allowedUDPPorts = [ 51820 ];
     networking.firewall.trustedInterfaces = [ "wg0" ];
+    networking.firefwall.enable = true;
     networking.wireguard.interfaces = {
       "wg0" = {
         ips = allowedIPs;

Commit 9c134189e523

Commit `9c134189e523`