From 32f42031a5717320efbb52259b68cfd9a5ae65e2 Mon Sep 17 00:00:00 2001
From: Christoph Urlacher <christoph.urlacher@protonmail.com>
Date: Thu, 10 Jul 2025 23:54:01 +0200
Subject: [PATCH] System/Thinknix: Update postup/postdown iptables rules for
 vps-wg-client

---
 system/thinknix/default.nix | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/system/thinknix/default.nix b/system/thinknix/default.nix
index 943b42e1..849159de 100644
--- a/system/thinknix/default.nix
+++ b/system/thinknix/default.nix
@@ -70,6 +70,14 @@
     #   ${pkgs.iproute2}/bin/ip netns add ${name}
     # '';
 
+    postSetup = ''
+      ${pkgs.iptables} -A FORWARD -i vps-wg-client -j ACCEPT
+      ${pkgs.iptables} -t nat -A POSTROUTING -o ens18 -j MASQUERADE
+    '';
+    postShutdown = ''
+      ${pkgs.iptables} -D FORWARD -i vps-wg-client -j ACCEPT
+      ${pkgs.iptables} -t nat -D POSTROUTING -o ens18 -j MASQUERADE
+    '';
     # postSetup = ''
     #   ${pkgs.iptables} -A FORWARD -i wg0-client -j ACCEPT
     #   ${pkgs.iptables} -t nat -A POSTROUTING -o eth0 -j MASQUERADE