From 3aacad45f34efb85bcd956f3289abb8e5ca8bf38 Mon Sep 17 00:00:00 2001
From: Ingolf Wagner <contact@ingolf-wagner.de>
Date: Sun, 16 Feb 2025 16:26:18 +1300
Subject: [PATCH] :bug: fix wireguard forwarding

---
 machines/orbi/configuration.nix     | 3 +++
 machines/orbi/network-wireguard.nix | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/machines/orbi/configuration.nix b/machines/orbi/configuration.nix
index 0b2db15..3bb56b6 100644
--- a/machines/orbi/configuration.nix
+++ b/machines/orbi/configuration.nix
@@ -56,8 +56,11 @@
   components.network.enable = true;
   components.network.nginx.landingpage.enable = false;
   components.network.wifi.enable = false;
+
   components.virtualisation.enable = true; # we only enable this stuff where we need it explicitly
   components.virtualisation.podman.enable = false;
+  components.virtualisation.virtualbox.enable = false;
+
   virtualisation.oci-containers.backend = "docker";
 
   features.network.fail2ban.enable = true;
diff --git a/machines/orbi/network-wireguard.nix b/machines/orbi/network-wireguard.nix
index f48b84f..2b01481 100644
--- a/machines/orbi/network-wireguard.nix
+++ b/machines/orbi/network-wireguard.nix
@@ -31,7 +31,7 @@ in
     ping -c 1 -W 5 ${config.clan.core.facts.services.wireguard_ip.public."wireguard.wg0.ip".value}
   '';
 
-  boot.kernel.sysctl."net.ipv4.ip_forward" = true;
+  boot.kernel.sysctl."net.ipv4.conf.wg0.forwarding" = true;
 
   # Enable WireGuard
   networking.wg-quick.interfaces = {