yee haw

2026-01-17 01:55:10 +01:00 · 2024-08-01 15:20:21 +02:00 · 2024-08-01 15:20:21 +02:00 · 633f26d24d
commit 633f26d24d
parent e12757d1f0
17 changed files with 115 additions and 35 deletions
--- a/newinfra/nix/modules/wg-mesh/default.nix
+++ b/newinfra/nix/modules/wg-mesh/default.nix
@ -19,6 +19,10 @@ in
    in
    builtins.listToAttrs wgHostEntries;

+  networking.firewall.allowedUDPPorts = [
+    listenPort
+  ];
+
  age.secrets.wg_private.file = ../../secrets/wg_private_${name}.age;
  networking.wg-quick.interfaces = {
    wg0 = {
@ -33,6 +37,8 @@ in
            inherit (peerConfig) publicKey;
            endpoint = "${peer}.infra.noratrieb.dev:${toString listenPort}";
            allowedIPs = [ "${peerConfig.privateIP}/32" ];
+            # sometimes there's some weirdness....??
+            persistentKeepalive = 25;
          }
        )
        wgSettings.peers;