diff --git a/hosts/ni/default.nix b/hosts/ni/default.nix
index 8290d6a1..a7f8a2a6 100644
--- a/hosts/ni/default.nix
+++ b/hosts/ni/default.nix
@@ -2,7 +2,8 @@ let
 network = import ../plover/modules/hardware/networks.nix;
- inherit (network) publicIP wireguardIPv6BaseAddress wireguardPort;
+ inherit (builtins) toString;
+ inherit (network) publicIP wireguardIPv6 wireguardIPv6LengthPrefix wireguardPort;
 wireguardAllowedIPs = [ "0:0:0:0/0" "::/0" ];
 wireguardIFName = "wireguard0";
@@ -257,7 +258,7 @@ in
 matchConfig.Name = wireguardIFName;
 address = [
 "172.45.1.2/24"
- "${wireguardIPv6BaseAddress}/48"
+ "${wireguardIPv6}/${toString wireguardIPv6LengthPrefix}"
 ];
 # Otherwise, it will autostart every bootup when I need it only at few
diff --git a/hosts/plover/modules/hardware/hetzner-cloud-cx21.nix b/hosts/plover/modules/hardware/hetzner-cloud-cx21.nix
index 46a07a9d..5233f045 100644
--- a/hosts/plover/modules/hardware/hetzner-cloud-cx21.nix
+++ b/hosts/plover/modules/hardware/hetzner-cloud-cx21.nix
@@ -5,6 +5,7 @@
 # from nixos-generators.
 let
 network = import ./networks.nix;
+ inherit (builtins) toString;
 inherit (network) publicIP' publicIPv6 publicIPv6PrefixLength privateNetworkGatewayIP;
 # This is just referring to the same interface just with alternative names.
@@ -65,7 +66,7 @@ in
 # The public IPv6 is assigned to a server so we'll to have to go with
 # something else.
- "${publicIPv6}1/${publicIPv6PrefixLength}"
+ "${publicIPv6}1/${toString publicIPv6PrefixLength}"
 ];
 networkConfig = {
diff --git a/hosts/plover/modules/hardware/networks.nix b/hosts/plover/modules/hardware/networks.nix
index cff587ac..015b7a7b 100644
--- a/hosts/plover/modules/hardware/networks.nix
+++ b/hosts/plover/modules/hardware/networks.nix
@@ -13,6 +13,7 @@ rec {
 privateIPNetworkRange = "172.16.0.0/32";
 privateNetworkGatewayIP = "172.16.0.1/32";
- wireguardIPv6BaseAddress = "fdee:b0de:54e6::";
+ wireguardIPv6 = "fdee:b0de:54e6:ae74::";
+ wireguardIPv6LengthPrefix = 64;
 wireguardPort = 51820;
 }
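Review bot: The added `inherit (builtins) toString;` is redundant, because `toString` is already a top-level name in Nix and the `${toString …}` interpolations work without it; the line can be dropped here and in the matching hunks of hetzner-cloud-cx21.nix and services/wireguard.nix. Separately, the unchanged context line `wireguardAllowedIPs = [ "0:0:0:0/0" "::/0" ];` uses colon separators for what looks like the IPv4 default route. If `0.0.0.0/0` was intended, it is worth correcting while this block is being touched, since a malformed entry may be rejected or may leave IPv4 traffic outside the tunnel. The `let` block continues outside the hunk.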
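Review bot: The IPv6 entry in `address` is the bare prefix `${wireguardIPv6}` with no host part, so this interface is assigned the all-zero address of the /64 rather than a host address of its own. The server side in services/wireguard.nix appends a host suffix (`${wireguardIPv6}1`), and the client should do the same, for example `"${wireguardIPv6}2/${toString wireguardIPv6LengthPrefix}"` to mirror `172.45.1.2`. The enclosing network definition starts and ends outside the hunk.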
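Review bot: `wireguardIPv6LengthPrefix` is named inconsistently with the existing `publicIPv6PrefixLength` that hetzner-cloud-cx21.nix inherits from this file; `wireguardIPv6PrefixLength` would keep the two parallel. `wireguardIPv6` also holds a prefix ending in `::` that consumers concatenate a host suffix onto, which the name does not convey. A comment such as `# ULA /64 prefix; callers append the host part, e.g. "${wireguardIPv6}1"` above it would document that contract. The `rec { … }` set starts outside the hunk.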
diff --git a/hosts/plover/modules/services/wireguard.nix b/hosts/plover/modules/services/wireguard.nix
index 8ed201a4..f3c993c6 100644
--- a/hosts/plover/modules/services/wireguard.nix
+++ b/hosts/plover/modules/services/wireguard.nix
@@ -5,17 +5,11 @@ let
 acmeName = "wireguard.${config.networking.domain}";
 networks = import ../hardware/networks.nix;
- inherit (networks) privateNetworkGatewayIP wireguardIPv6BaseAddress wireguardPort;
+ inherit (builtins) toString;
+ inherit (networks) wireguardIPv6 wireguardIPv6LengthPrefix wireguardPort;
 wireguardIFName = "wireguard0";
- wireguardAddresses = [
- # Private IP address.
- "172.45.1.1/32"
-
- # Private IPv6 address. Just arbitrarily chosen.
- "${wireguardIPv6BaseAddress}/48"
- ];
- wireguardAllowedIPs = [ "172.45.1.2/24" "${wireguardIPv6BaseAddress}/48" ];
+ wireguardAllowedIPs = [ "172.45.1.2/24" "${wireguardIPv6}/${toString wireguardIPv6LengthPrefix}" ];
 in
 {
 environment.systemPackages = [ pkgs.wireguard-tools ];
@@ -57,10 +51,13 @@ in
 networks."99-${wireguardIFName}" = {
 matchConfig.Name = wireguardIFName;
+ address = [
+ # Private IP address.
+ "172.45.1.1/32"
- address = wireguardAddresses;
-
- gateway = [ privateNetworkGatewayIP ];
+ # Private IPv6 address. Just arbitrarily chosen.
+ "${wireguardIPv6}1/${toString wireguardIPv6LengthPrefix}"
+ ];
 };
 };
 }
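Review bot: `wireguardAllowedIPs` on the server still spans the whole `172.45.1.2/24` and now the full /64, and both ranges include the server's own tunnel addresses (`172.45.1.1` and `${wireguardIPv6}1`). Where the list is applied lies outside the hunk, but if it is a peer's AllowedIPs, WireGuard also uses it as the set of source addresses accepted from that peer, so the peer could send packets sourced from any address in those ranges. Restricting each peer to its own host routes, e.g. `"172.45.1.2/32"` plus that peer's single IPv6 address as a `/128`, keeps the source filter tight. `172.45.1.2/24` also has host bits set, which is easy to misread as a single-host entry.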
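Review bot: The comment `# Private IP address.` on `"172.45.1.1/32"` is inaccurate, because 172.45.0.0/16 lies outside the RFC 1918 block 172.16.0.0/12 (172.16–172.31) and is therefore publicly routable space. Tunnel hosts lose reachability to the real holders of those addresses, and filters that drop private ranges at the edge will not catch these if they leak. Consider renumbering the tunnel into a private range; the same `172.45.1.x` values appear in hosts/ni/default.nix and in `wireguardAllowedIPs`. The IPv4 address is also a `/32` while the IPv6 one carries the /64 prefix length, so with `gateway` removed it is worth confirming the IPv4 peer is still routed over this interface.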