From f6eb3806a723bf75997e4c07f4c569695d7a6f9b Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <ordinarydev@protonmail.com>
Date: Mon, 13 May 2024 21:39:10 +0500
Subject: [PATCH] chore: change wireguard subnet to avoid conflicts

---
 nixos/networking/unbound.nix   |  6 +++---
 nixos/networking/wireguard.nix | 10 +++++-----
 nixos/private/photoprism.nix   |  2 +-
 nixos/private/vaultwarden.nix  |  2 +-
 4 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/nixos/networking/unbound.nix b/nixos/networking/unbound.nix
index 7d1f980..e84e0f1 100644
--- a/nixos/networking/unbound.nix
+++ b/nixos/networking/unbound.nix
@@ -8,15 +8,15 @@
         interface = "0.0.0.0";
         access-control = [
           "192.168.0.0/24 allow"
-          "10.100.0.0/24 allow"
+          "10.101.0.0/24 allow"
         ];
         local-zone = [
           "\"pp.comfycamp.space\" static"
           "\"vault.comfycamp.space\" static"
         ];
         local-data = [
-          "\"pp.comfycamp.space IN A 10.100.0.1\""
-          "\"vault.comfycamp.space IN A 10.100.0.1\""
+          "\"pp.comfycamp.space IN A 10.101.0.1\""
+          "\"vault.comfycamp.space IN A 10.101.0.1\""
         ];
       };
       forward-zone = [
diff --git a/nixos/networking/wireguard.nix b/nixos/networking/wireguard.nix
index fc833f6..35b32e8 100644
--- a/nixos/networking/wireguard.nix
+++ b/nixos/networking/wireguard.nix
@@ -7,14 +7,14 @@
   };
 
   networking.wireguard.interfaces.wg0 = {
-    ips = ["10.100.0.1/24" ];
+    ips = ["10.101.0.1/24" ];
     listenPort = 51820;
 
     postSetup = ''
-      ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o enp7s0 -j MASQUERADE
+      ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.101.0.0/24 -o enp7s0 -j MASQUERADE
     '';
     postShutdown = ''
-      ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o enp7s0 -j MASQUERADE
+      ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.101.0.0/24 -o enp7s0 -j MASQUERADE
     '';
 
     privateKeyFile = "/var/lib/wireguard/privkey";
@@ -23,12 +23,12 @@
       {
         # laptop
         publicKey = "awAVP/tkl0Z9PKEMTABjIXhblWSGHhIvYjBFp3C7YUk=";
-        allowedIPs = [ "10.100.0.2/32" ];
+        allowedIPs = [ "10.101.0.2/32" ];
       }
       {
         # phone
         publicKey = "zPUl9jrC8dFaPWKk92btHptEzr09KNgGbdwSfiT7rEM=";
-        allowedIPs = [ "10.100.0.3/32" ];
+        allowedIPs = [ "10.101.0.3/32" ];
       }
     ];
   };
diff --git a/nixos/private/photoprism.nix b/nixos/private/photoprism.nix
index 07ca047..951f91c 100644
--- a/nixos/private/photoprism.nix
+++ b/nixos/private/photoprism.nix
@@ -26,7 +26,7 @@
     useACMEHost = "comfycamp.space";
     forceSSL = true;
     listenAddresses = [
-      "10.100.0.1"
+      "10.101.0.1"
     ];
     locations."/" = {
       proxyPass = "http://127.0.0.1:${toString config.services.photoprism.port}";
diff --git a/nixos/private/vaultwarden.nix b/nixos/private/vaultwarden.nix
index a3380eb..bbdaf8f 100644
--- a/nixos/private/vaultwarden.nix
+++ b/nixos/private/vaultwarden.nix
@@ -28,7 +28,7 @@
     useACMEHost = "comfycamp.space";
     forceSSL = true;
     listenAddresses = [
-      "10.100.0.1"
+      "10.101.0.1"
     ];
     locations."/" = {
       proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}";