chore: change wireguard subnet to avoid conflicts

2024-09-19 19:30:28 +05:00 · 2024-05-13 21:39:10 +05:00 · 2024-05-13 21:39:10 +05:00 · f6eb3806a7
parent de591bd560
commit f6eb3806a7
4 changed files with 10 additions and 10 deletions
--- a/nixos/networking/unbound.nix
+++ b/nixos/networking/unbound.nix
@ -8,15 +8,15 @@
        interface = "0.0.0.0";
        access-control = [
          "192.168.0.0/24 allow"
-          "10.100.0.0/24 allow"
+          "10.101.0.0/24 allow"
        ];
        local-zone = [
          "\"pp.comfycamp.space\" static"
          "\"vault.comfycamp.space\" static"
        ];
        local-data = [
-          "\"pp.comfycamp.space IN A 10.100.0.1\""
-          "\"vault.comfycamp.space IN A 10.100.0.1\""
+          "\"pp.comfycamp.space IN A 10.101.0.1\""
+          "\"vault.comfycamp.space IN A 10.101.0.1\""
        ];
      };
      forward-zone = [
--- a/nixos/networking/wireguard.nix
+++ b/nixos/networking/wireguard.nix
@ -7,14 +7,14 @@
  };

  networking.wireguard.interfaces.wg0 = {
-    ips = ["10.100.0.1/24" ];
+    ips = ["10.101.0.1/24" ];
    listenPort = 51820;

    postSetup = ''
-      ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o enp7s0 -j MASQUERADE
+      ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.101.0.0/24 -o enp7s0 -j MASQUERADE
    '';
    postShutdown = ''
-      ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o enp7s0 -j MASQUERADE
+      ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.101.0.0/24 -o enp7s0 -j MASQUERADE
    '';

    privateKeyFile = "/var/lib/wireguard/privkey";
@ -23,12 +23,12 @@
      {
        # laptop
        publicKey = "awAVP/tkl0Z9PKEMTABjIXhblWSGHhIvYjBFp3C7YUk=";
-        allowedIPs = [ "10.100.0.2/32" ];
+        allowedIPs = [ "10.101.0.2/32" ];
      }
      {
        # phone
        publicKey = "zPUl9jrC8dFaPWKk92btHptEzr09KNgGbdwSfiT7rEM=";
-        allowedIPs = [ "10.100.0.3/32" ];
+        allowedIPs = [ "10.101.0.3/32" ];
      }
    ];
  };
--- a/nixos/private/photoprism.nix
+++ b/nixos/private/photoprism.nix
@ -26,7 +26,7 @@
    useACMEHost = "comfycamp.space";
    forceSSL = true;
    listenAddresses = [
-      "10.100.0.1"
+      "10.101.0.1"
    ];
    locations."/" = {
      proxyPass = "http://127.0.0.1:${toString config.services.photoprism.port}";
--- a/nixos/private/vaultwarden.nix
+++ b/nixos/private/vaultwarden.nix
@ -28,7 +28,7 @@
    useACMEHost = "comfycamp.space";
    forceSSL = true;
    listenAddresses = [
-      "10.100.0.1"
+      "10.101.0.1"
    ];
    locations."/" = {
      proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}";