mirror of
https://github.com/nmasur/dotfiles
synced 2024-11-22 15:45:38 +00:00
transmission reaches internet through vpn
This commit is contained in:
parent
129e4bba4b
commit
d8b5d74dcb
@ -37,7 +37,7 @@ in {
|
||||
requires = [ "network-online.target" ];
|
||||
after = [ "wireguard-wg0.service" ];
|
||||
unitConfig.JoinsNamespaceOf = "netns@wg.service";
|
||||
serviceConfig = { PrivateNetwork = true; };
|
||||
serviceConfig.NetworkNamespacePath = "/var/run/netns/wg";
|
||||
};
|
||||
|
||||
# Create reverse proxy for web UI
|
||||
@ -51,12 +51,10 @@ in {
|
||||
|
||||
# Allow inbound connections to reach namespace
|
||||
systemd.services.transmission-web-netns = {
|
||||
description = "Forward to transmission in netns";
|
||||
description = "Forward to transmission in wireguard namespace";
|
||||
requires = [ "transmission.service" ];
|
||||
after = [ "transmission.service" ];
|
||||
serviceConfig = {
|
||||
User = "transmission";
|
||||
Group = "transmission";
|
||||
Restart = "on-failure";
|
||||
TimeoutStopSec = 300;
|
||||
};
|
||||
|
@ -33,15 +33,15 @@ in {
|
||||
|
||||
}];
|
||||
|
||||
# Namespaces
|
||||
# Move to network namespace for isolating programs
|
||||
interfaceNamespace = "wg";
|
||||
# socketNamespace = "wg";
|
||||
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# Create namespace for Wireguard
|
||||
# This allows us to isolate specific programs to Wireguard
|
||||
systemd.services."netns@" = {
|
||||
description = "%I network namespace";
|
||||
before = [ "network.target" ];
|
||||
@ -53,7 +53,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
# Private key file for wireguard
|
||||
# Create private key file for wireguard
|
||||
systemd.services.wireguard-private-key = {
|
||||
wantedBy = [ "wireguard-wg0.service" ];
|
||||
requiredBy = [ "wireguard-wg0.service" ];
|
||||
|
Loading…
Reference in New Issue
Block a user