WireGuard: Difference between revisions
→Route all traffic over wg0, except endpoint: fix firewallmark position |
→Peer setup: adjust option order |
||
| Line 163: | Line 163: | ||
wireguardConfig = { | wireguardConfig = { | ||
ListenPort = 51820; | ListenPort = 51820; | ||
PrivateKeyFile = config.age.secrets.wg-key-vps.path; | |||
# To automatically create routes for everything in AllowedIPs, | # To automatically create routes for everything in AllowedIPs, | ||
| Line 171: | Line 173: | ||
# with the number 42, which can be used to define policy rules on these packets. | # with the number 42, which can be used to define policy rules on these packets. | ||
FirewallMark = 42; | FirewallMark = 42; | ||
}; | }; | ||
wireguardPeers = [ | wireguardPeers = [ | ||