feat: bridge wg namespace to root

configuration.nix

@@ -139,11 +139,18 @@
       RemainAfterExist = true;
       ExecStart = with pkgs; writers.writeBash "wg-up" ''
         set -e
+        # Create wireguard
         ${iproute}/bin/ip link add wg0 type wireguard
+        # Move to wg namespace
         ${iproute}/bin/ip link set wg0 netns wg
+        # Connect to vpn
         ${iproute}/bin/ip -n wg address add 10.65.64.220/32 dev wg0
         ${iproute}/bin/ip -n wg -6 address add fc00:bbbb:bbbb:bb01::2:40db/128 dev wg0
         ${iproute}/bin/ip netns exec wg ${wireguard-tools}/bin/wg setconf wg0 /var/wireguard-keys/chief-frog.conf
+        # Bridge namespace to physical port
+        ${iproute}/bin/ip link add macvlan1 link enp3s0 type macvlan mode bridge
+        ${iproute}/bin/ip link set macvlan1 netns wg 
+        # Open network
         ${iproute}/bin/ip -n wg link set wg0 up
         ${iproute}/bin/ip -n wg route add default dev wg0
         ${iproute}/bin/ip -n wg -6 route add default dev wg0
@@ -156,7 +163,10 @@
     };
   };
 
-  services.aria2.enable = true;
+  services.aria2 = {
+    enable = true;
+    extraArguments = "--bt-external-ip=10.65.64.220";
+  };
   systemd.services."aria2" = {
     bindsTo = [ "netns@wg.service" ];
     requires = [ "network-online.target" ];