Enable NAT for wireguard server

1 files changed, 5 insertions, 3 deletions

diff --git a/host/software/server/wireguard.nix b/host/software/server/wireguard.nix
index 21bf12a..cc4f2fa 100644
--- a/host/software/server/wireguard.nix
+++ b/host/software/server/wireguard.nix
@@ -3,6 +3,8 @@
     allowedUDPPorts = [ 54321 ];
   };
 
+  networking.nat.enable = true;
+
   networking.wireguard.interfaces = {
     wg0 = {
       ips = [ "10.100.0.1/24" ];
@@ -14,15 +16,15 @@
       peers = [
         { # obelix
           publicKey = "RrsNZKZ17Ol1WHxZesLnenGKnqxiQlE0T8xFP6/5mBE=";
-          allowedIPs = [ "10.100.0.2/32" ];
+          allowedIPs = [ "10.100.0.2" ];
         }
         { # majestix
           publicKey = "Tkoaewh9HB5rIuJVrFgClRF4x7prOtIlSJjiTYCpxis=";
-          allowedIPs = [ "10.100.0.3/32" ];
+          allowedIPs = [ "10.100.0.3" ];
         }
         { # athena
           publicKey = "t4SzRV/olVdzAKauJOwFau3I0fTISUvbOAaKGZd6ezU=";
-          allowedIPs = [ "10.100.0.4/32" ];
+          allowedIPs = [ "10.100.0.4" ];
         }
       ];
     };