SelfPrivacy/selfprivacy-nixos-config
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git synced 2024-11-04 16:03:12 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request 'Added fixes for VPN networking' (#16) from vpn-fix into master

Browse source 
Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/pulls/16
This commit is contained in:
Inex Code 2022-02-28 13:09:24 +02:00
parent a0a6c99fe8 4bf80d7a2d
commit cb6378a970
1 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
configuration.nix
View file

@ -6,7 +6,6 @@ in
{
imports = [
./hardware-configuration.nix
./variables-module.nix
./variables.nix
./files.nix
@ -34,9 +33,14 @@ in
boot.cleanTmpDir = true;
networking = {
hostName = config.services.userdata.hostname;
usePredictableInterfaceNames = false;
firewall = {
allowedTCPPorts = lib.mkForce [ 22 25 80 143 443 465 587 993 4443 8443 ];
allowedUDPPorts = lib.mkForce [ 8443 10000 ];
extraCommands = ''
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface vpn00 -j ACCEPT
'';
};
nameservers = [ "1.1.1.1" "1.0.0.1" ];
};
@ -84,4 +88,4 @@ in
enable = true;
};
};
}
}