diff options
author | sinanmohd <sinan@sinanmohd.com> | 2023-09-17 16:41:54 +0530 |
---|---|---|
committer | sinanmohd <sinan@sinanmohd.com> | 2023-09-17 16:41:54 +0530 |
commit | 3919b3ab01f3b2384d0847adeaaf25fb3ad62adc (patch) | |
tree | 4c8317754eff1867034e8cf1a8af657622712d2e /hosts/cez | |
parent | ff2ded07e7a525b2e26fc5d87b8ee258af53be93 (diff) |
cez/wireguard: only route specific cloudflare ips
Diffstat (limited to 'hosts/cez')
-rw-r--r-- | hosts/cez/modules/wireguard.nix | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/hosts/cez/modules/wireguard.nix b/hosts/cez/modules/wireguard.nix index 07ea90c..857520f 100644 --- a/hosts/cez/modules/wireguard.nix +++ b/hosts/cez/modules/wireguard.nix @@ -14,7 +14,10 @@ in peers = [{ publicKey = "wJMyQDXmZO4MjYRk6NK4+J6ZKWLTTZygAH+OwbPjOiw="; - allowedIPs = [ "0.0.0.0/0" ]; + allowedIPs = [ + "10.0.1.0/24" + "104.16.0.0/12" + ]; endpoint = "${domain}:51820"; persistentKeepalive = 25; }]; |