From 809f83c040284a4ba68beec332c5ac1a15ec9aa7 Mon Sep 17 00:00:00 2001
From: Adithya Nair <adtya@adtya.xyz>
Date: Tue, 10 Oct 2023 23:18:30 +0530
Subject: [PATCH] add wg0 as trusted interface in firewall

---
 hosts/rico2/wireguard.nix   | 1 +
 hosts/skipper/wireguard.nix | 1 +
 2 files changed, 2 insertions(+)

diff --git a/hosts/rico2/wireguard.nix b/hosts/rico2/wireguard.nix
index 956660a..2ed8f9c 100644
--- a/hosts/rico2/wireguard.nix
+++ b/hosts/rico2/wireguard.nix
@@ -5,6 +5,7 @@
 }: let
   inherit (secrets.wireguard_config) peers;
 in {
+  networking.firewall.trustedInterfaces = ["wg0"];
   networking.wireguard = {
     enable = true;
     interfaces = {
diff --git a/hosts/skipper/wireguard.nix b/hosts/skipper/wireguard.nix
index 956660a..2ed8f9c 100644
--- a/hosts/skipper/wireguard.nix
+++ b/hosts/skipper/wireguard.nix
@@ -5,6 +5,7 @@
 }: let
   inherit (secrets.wireguard_config) peers;
 in {
+  networking.firewall.trustedInterfaces = ["wg0"];
   networking.wireguard = {
     enable = true;
     interfaces = {