services: adblock: restrict to wireguard interface
This commit is contained in:
parent
a551ace6a6
commit
3696471201
|
@ -36,9 +36,11 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
# Needed when connecting from Wireguard clients
|
# Allow wireguard clients to connect to it
|
||||||
networking.firewall.allowedUDPPorts = [ 53 ];
|
networking.firewall.interfaces."${wgCfg.iface}" = {
|
||||||
networking.firewall.allowedTCPPorts = [ 53 ];
|
allowedUDPPorts = [ 53 ];
|
||||||
|
allowedTCPPorts = [ 53 ];
|
||||||
|
};
|
||||||
|
|
||||||
services.unbound = {
|
services.unbound = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
Loading…
Reference in a new issue