nix-configurations/hosts/lkk-nix-1/services/containers/wireguard.nix


# NixOS module: declares an OCI container named "wireguard" that runs the
# wg-easy image (a WireGuard server bundled with a web admin UI).
{ config, outputs, ... }: {
  virtualisation.oci-containers.containers.wireguard = {
    # NOTE(review): the image reference has no tag or digest, so the container
    # runtime resolves it to `latest` and the code that actually runs depends on
    # when the image was last pulled. Pin a reviewed tag or an immutable digest
    # so that upgrades of this privileged container are deliberate.
    image = "weejewel/wg-easy";

    environment = {
      # Public hostname written into the client configurations that wg-easy
      # generates.
      WG_HOST = "wg.lanakk.com";
      # DNS resolver handed to VPN clients.
      WG_DEFAULT_DNS = "10.88.0.1";
      # NOTE(review): no PASSWORD is set in this block. Confirm that the web UI
      # is authenticated by something in front of it; if a password is added,
      # supply it through `environmentFiles` rather than here, because values in
      # this attribute set end up in the world-readable Nix store.
    };

    ports = [
      # Web admin UI (container port 51821) published as host port 3007. The
      # mapping names no host address, so it is published on every host
      # interface. The UI can create and remove peers and download their
      # configs; restrict it to loopback or a management network if a reverse
      # proxy on this host is the only intended client -- confirm.
      "3007:51821/tcp"
      # WireGuard tunnel endpoint.
      "51820:51820/udp"
    ];

    # Named volume mounted at /etc/wireguard; presumably this holds the server
    # and peer key material, so treat its backups as secrets -- confirm.
    volumes = [ "wireguard_data:/etc/wireguard" ];

    extraOptions = [
      # Lets the container create the WireGuard interface and manage routes
      # and firewall rules in its network namespace.
      "--cap-add=NET_ADMIN"
      # NOTE(review): SYS_MODULE allows loading kernel modules into the host
      # kernel from inside the container. It is likely unnecessary when the
      # host already provides the wireguard module -- verify and drop it if so.
      "--cap-add=SYS_MODULE"
      # Sysctls applied to the container's network namespace for policy routing
      # of marked packets and for forwarding client traffic.
      "--sysctl=net.ipv4.conf.all.src_valid_mark=1"
      "--sysctl=net.ipv4.ip_forward=1"
    ];
  };
}