summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorsinanmohd <sinan@sinanmohd.com>2023-09-17 16:41:54 +0530
committersinanmohd <sinan@sinanmohd.com>2023-09-17 16:41:54 +0530
commit3919b3ab01f3b2384d0847adeaaf25fb3ad62adc (patch)
tree4c8317754eff1867034e8cf1a8af657622712d2e
parentff2ded07e7a525b2e26fc5d87b8ee258af53be93 (diff)
cez/wireguard: only route specific cloudflare ips
-rw-r--r--hosts/cez/modules/wireguard.nix5
1 files changed, 4 insertions, 1 deletions
diff --git a/hosts/cez/modules/wireguard.nix b/hosts/cez/modules/wireguard.nix
index 07ea90c..857520f 100644
--- a/hosts/cez/modules/wireguard.nix
+++ b/hosts/cez/modules/wireguard.nix
@@ -14,7 +14,10 @@ in
peers = [{
publicKey = "wJMyQDXmZO4MjYRk6NK4+J6ZKWLTTZygAH+OwbPjOiw=";
- allowedIPs = [ "0.0.0.0/0" ];
+ allowedIPs = [
+ "10.0.1.0/24"
+ "104.16.0.0/12"
+ ];
endpoint = "${domain}:51820";
persistentKeepalive = 25;
}];