From cccdec9fba182a53b9510d7e072e4bfeb9255e66 Mon Sep 17 00:00:00 2001
From: Patrick Spek
Date: Thu, 4 Apr 2024 12:49:39 +0200
Subject: Remove allowedIP additions from generated peers
wg-quick tries to add routes for each of these blocks as well, which
means there's overlap in the routing, which in turn breaks things again.
I could not find a way to make wg-quick only _accept_ traffic through
these IPs, without adding routes for them.
---
playbooks.d/vpn-wireguard/share/peer | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/playbooks.d/vpn-wireguard/share/peer b/playbooks.d/vpn-wireguard/share/peer
index 3092aac..9a95e38 100644
--- a/playbooks.d/vpn-wireguard/share/peer
+++ b/playbooks.d/vpn-wireguard/share/peer
@@ -1,5 +1,5 @@
[Peer]
-AllowedIPs = ${ipv6}/128,${ipv4}/32,,fd00:8::0/48,172.28.0.0/16,fd00:5::0/108,172.25.0.0/16
+AllowedIPs = ${ipv6}/128,${ipv4}/32
Endpoint = [${endpoint}]:${port}
PublicKey = ${pubkey}
PersistentKeepalive = ${keepalive}
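Review bot: The new `AllowedIPs` line carries no comment saying why it is limited to the peer's own addresses, and this template is where a later editor is most likely to add the subnets back. AllowedIPs is also WireGuard's inbound source filter, so after this change packets from this peer with a source address in any of the removed ranges are dropped. That is the tighter setting, but it should be stated in the file, e.g. `# Host addresses only: wg-quick adds a route per AllowedIPs entry, and WireGuard drops peer traffic sourced outside this list`. If the wider ranges are needed again, wg-quick's `Table = off` in the `[Interface]` section stops it from installing routes, so AllowedIPs can act purely as the filter. The interface template is not visible in this hunk, so whether that option fits this playbook needs checking.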