nixos/wg-quick: Fix after wireguard got upstreamed

This commit is contained in:
Bastian Köcher 2020-04-03 11:16:35 +02:00
parent 23b5b1fb84
commit 644d643d68
1 changed files with 1 additions and 1 deletions

View File

@ -302,7 +302,7 @@ in {
###### implementation ###### implementation
config = mkIf (cfg.interfaces != {}) { config = mkIf (cfg.interfaces != {}) {
boot.extraModulePackages = [ kernel.wireguard ]; boot.extraModulePackages = optional (versionOlder kernel.kernel.version "5.6") kernel.wireguard;
environment.systemPackages = [ pkgs.wireguard-tools ]; environment.systemPackages = [ pkgs.wireguard-tools ];
# This is forced to false for now because the default "--validmark" rpfilter we apply on reverse path filtering # This is forced to false for now because the default "--validmark" rpfilter we apply on reverse path filtering
# breaks the wg-quick routing because wireguard packets leave with a fwmark from wireguard. # breaks the wg-quick routing because wireguard packets leave with a fwmark from wireguard.