From 3919b3ab01f3b2384d0847adeaaf25fb3ad62adc Mon Sep 17 00:00:00 2001 From: sinanmohd Date: Sun, 17 Sep 2023 16:41:54 +0530 Subject: cez/wireguard: only route specific cloudflare ips --- hosts/cez/modules/wireguard.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/hosts/cez/modules/wireguard.nix b/hosts/cez/modules/wireguard.nix index 07ea90c..857520f 100644 --- a/hosts/cez/modules/wireguard.nix +++ b/hosts/cez/modules/wireguard.nix @@ -14,7 +14,10 @@ in peers = [{ publicKey = "wJMyQDXmZO4MjYRk6NK4+J6ZKWLTTZygAH+OwbPjOiw="; - allowedIPs = [ "0.0.0.0/0" ]; + allowedIPs = [ + "10.0.1.0/24" + "104.16.0.0/12" + ]; endpoint = "${domain}:51820"; persistentKeepalive = 25; }]; -- cgit v1.2.3