WireGuard: Difference between revisions

(3 intermediate revisions by 3 users not shown)

Line 18:

systemd.network is recommended due to its powerful configuration interface.

wg-quick is suitable for common usage patterns. networking.wireguard seems to

have issues with routing. NetworkManager does not ~~supoort~~ Proxy server setup, and

have issues with routing. NetworkManager does not support Proxy server setup, and

is cubersome to use.

Line 167:

ListenPort = 51820;

# ensure file is readable by `systemd-network` user

PrivateKeyFile = config.age.secrets.wg-key-vps.path;

Line 387:

Line 388:

Family = "both";

}

]

];

# Configure port forwarding for Transmission under NAT

networking.nat.forwardPorts =

[

{

destination = "10.0.0.1:80";

proto = "tcp";

sourcePort = 8080;

}

{

destination = "[fc00::2]:80";

proto = "tcp";

sourcePort = 8080;

}

];

</syntaxhighlight>

Line 546:

Line 561:

== Reuse existing wg-quick config file ==

If you have WireGuard configuration files that you want to use as-is

If you have WireGuard configuration files that you want to use as-is (similarly how you would configure WireGuard e.g. in [https://wiki.debian.org/WireGuard#Step_2_-_Configuration Debian]), without converting them to a declarative NixOS configuration, you can also configure <code>wg-quick</code> to use them. For example, if you have a configuration file <code>/etc/nixos/wireguard/wg0.conf</code>, add the following line to your <code>configuration.nix</code>:

(similarly how you would

[https://wiki.debian.org/WireGuard#Step_2_-_Configuration ~~configure~~

~~WireGuard e.g. in~~ Debian], without converting them to a declarative

NixOS configuration, you can also configure <code>wg-quick</code> to

use them. For example, if you have a configuration file

<code>/etc/nixos/wireguard/wg0.conf</code>, add the following line to

your <code>configuration.nix</code>:

@@ Line 18: / Line 18: @@
 systemd.network is recommended due to its powerful configuration interface.
 wg-quick is suitable for common usage patterns.  networking.wireguard seems to
-have issues with routing.  NetworkManager does not supoort Proxy server setup, and
+have issues with routing.  NetworkManager does not support Proxy server setup, and
 is cubersome to use.
@@ Line 167: / Line 167: @@
          ListenPort = 51820;
+        # ensure file is readable by `systemd-network` user
          PrivateKeyFile = config.age.secrets.wg-key-vps.path;
@@ Line 387: / Line 388: @@
        Family = "both";
      }
-   ]
+   ];
+  # Configure port forwarding for Transmission under NAT
+  networking.nat.forwardPorts =
+       [
+         {
+           destination = "10.0.0.1:80";
+           proto = "tcp";
+           sourcePort = 8080;
+         }
+         {
+           destination = "[fc00::2]:80";
+           proto = "tcp";
+           sourcePort = 8080;
+         }
+       ];
 </syntaxhighlight>
@@ Line 546: / Line 561: @@
 == Reuse existing wg-quick config file ==
-If you have WireGuard configuration files that you want to use as-is
+If you have WireGuard configuration files that you want to use as-is (similarly how you would configure WireGuard e.g. in [https://wiki.debian.org/WireGuard#Step_2_-_Configuration Debian]), without converting them to a declarative NixOS configuration, you can also configure <code>wg-quick</code> to use them. For example, if you have a configuration file <code>/etc/nixos/wireguard/wg0.conf</code>, add the following line to your <code>configuration.nix</code>:
-(similarly how you would
-[https://wiki.debian.org/WireGuard#Step_2_-_Configuration configure
-WireGuard e.g. in Debian], without converting them to a declarative
-NixOS configuration, you can also configure <code>wg-quick</code> to
-use them. For example, if you have a configuration file
-<code>/etc/nixos/wireguard/wg0.conf</code>, add the following line to
-your <code>configuration.nix</code>:
 <syntaxHighlight lang="nix">