WireGuard: Difference between revisions
→Route all traffic over wg0, except endpoint: add ...continued |
→Peer setup: add comment to indicate permissions needed for networkd secret |
||
| (One intermediate revision by one other user not shown) | |||
| Line 167: | Line 167: | ||
ListenPort = 51820; | ListenPort = 51820; | ||
# ensure file is readable by `systemd-network` user | |||
PrivateKeyFile = config.age.secrets.wg-key-vps.path; | PrivateKeyFile = config.age.secrets.wg-key-vps.path; | ||
| Line 387: | Line 388: | ||
Family = "both"; | Family = "both"; | ||
} | } | ||
] | ]; | ||
# Configure port forwarding for Transmission under NAT | |||
networking.nat.forwardPorts = | |||
[ | |||
{ | |||
destination = "10.0.0.1:80"; | |||
proto = "tcp"; | |||
sourcePort = 8080; | |||
} | |||
{ | |||
destination = "[fc00::2]:80"; | |||
proto = "tcp"; | |||
sourcePort = 8080; | |||
} | |||
]; | |||
</syntaxhighlight> | </syntaxhighlight> | ||