prefect: Update wireguard allowed ips
This commit is contained in:
parent
979cb9ae5b
commit
0bfca01749
1 changed files with 13 additions and 1 deletions
|
@ -40,12 +40,24 @@
|
|||
publicKey = "wW5iNQcNa9VphZWicMdc8k7lJbVrXPMtzmWsHBwPqE0=";
|
||||
persistentKeepalive = 15;
|
||||
dynamicEndpointRefreshSeconds = 5;
|
||||
allowedIPs = [ "0.0.0.0/0" ];
|
||||
allowedIPs = [
|
||||
"172.20.43.96/27"
|
||||
"172.20.0.0/24"
|
||||
"172.21.0.0/24"
|
||||
"172.22.0.0/24"
|
||||
"172.23.0.0/24"
|
||||
"172.20.0.0/14"
|
||||
"10.100.0.0/14"
|
||||
"10.127.0.0/16"
|
||||
"10.0.0.0/8"
|
||||
"172.31.0.0/16"
|
||||
];
|
||||
}
|
||||
];
|
||||
postSetup = ''
|
||||
${pkgs.iproute}/bin/ip addr add 172.20.43.96/32 peer 172.20.43.97/32 dev wg0
|
||||
${pkgs.iproute}/bin/ip -6 addr add fe80::1/64 peer fe80::2/64 dev wg0
|
||||
${pkgs.iproute}/bin/ip route del default dev wg0
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue