| 13 Jun 2021 |
Mic92 (Old) | So have a look where you set the default gateway in your config and remove it. I don't think it is necessary. It is very likely that your dhcp server is already pushing this information. | 14:25:54 |
keithy | networking.defaultGateway = "10.11.12.1"; | 14:26:54 |
keithy | not needed? | 14:26:59 |
Mic92 (Old) | Right. Only in theory it could be the case that your dhcp server is not setting a default gateway but this is not a very likely/common configuration. | 14:27:35 |
Mic92 (Old) | If this is the case you are better off doing the whole setup manually, which would also include setting your own ip address | 14:28:16 |
keithy | ok so now network-setup is basically empty and starts ok | 14:31:10 |
keithy | thanks! | 14:31:47 |
antifuchs | do you folks recommend running nixos with systemd-networkd yet? I have a system with a fairly complex networking configuration in which the scripts-based approach regularly gets wedged /: | 14:38:29 |
antifuchs | (but I also don't really dare activate systemd-networkd there because it is pretty complex) | 14:39:03 |
Andreas Schrägle | antifuchs: define fairly complex. we use systemd networkd on nixos for a router, with pppoe, a bunch of vlans and all that kind of stuff. | 15:20:21 |
antifuchs | It’s not a router, but has a bunch of vlans and several systemd containers with network interfaces on those vlans | 15:21:10 |
antifuchs | (Each with its very own special networking config to avoid having to use host networking, heh) | 15:21:37 |
antifuchs | It’s precisely those systemd Container child interfaces that have problems too: when you restart the container, there’s a 50:50 chance the interface will never again be configurable | 15:25:23 |
Mic92 (Old) | antifuchs: let me put it this way: you can basically configure anything with networkd that can be configured via netlink. I think the only thing that is not supported is openvswitch. | 16:11:10 |
Mic92 (Old) | It's not the best solution if you need dynamic configuration, i.e. if you have a laptop; for servers it's fine. | 16:12:15 |
antifuchs | then that sounds great - this is kinda a server. I remember there were some limitations back when I last looked, but maybe it's worth another go | 16:13:07 |
Mic92 (Old) | check man systemd.network | 16:28:16 |
Mic92 (Old) | and man systemd.link | 16:28:29 |
Mic92 (Old) | Everything should be there | 16:28:33 |
| 14 Jun 2021 |
hpfr | I followed the wireguard page on the wiki to connect a nixos client to my LAN (point-to-site), but I had to go to the arch wiki to find ip route add 192.168.35.0/24 dev wg0 (where the CIDR is the LAN subnet) to get it to work. is there a nixos configuration value for this? | 07:54:25 |
n0emis | if you have networking.wireguard.interfaces.<name>.allowedIPsAsRoutes set to true, you can just add the subnet to networking.wireguard.interfaces.<name>.peers.*.allowedIPs | 08:09:55 |
hpfr | weird, that should have worked then because that option is true for me | 08:11:27 |
n0emis | otherwise you could add the command to networking.wireguard.interfaces.<name>.postSetup | 08:12:33 |
hpfr | might've just been a one time issue | 08:13:50 |
hpfr | I'm trying to set up a wg network where I have road clients that connect to my home network (which is behind CGNAT) via a VPS with a public IP. I just got the VPS able to talk to hosts inside my home network, but my laptop which connects to the VPS over wireguard can't see hosts inside my home network | 08:14:05 |
n0emis | well, you probably want to do something like ip route add 192.168.35.0/24 via $ROUTER, since the lan-subnet is not directly on the wg-link. then also allowedIPs is not the right option | 08:14:16 |
hpfr | 🤔 all the guides I've seen suggest adding your LAN to allowedIPs is the way to go | 08:16:35 |
hpfr | also, in the server setup in the wireguard wiki it enables NAT from the external interface to the wg interface, why is this done? | 08:21:35 |