foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-01-31 04:58:01 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

hosts/plover: update Wireguard "server" configuration

Browse Source
This commit is contained in:
Gabriel Arazas 2023-02-13 09:51:30 +08:00
parent a0e0dc5870
commit 60ab954c74
No known key found for this signature in database
GPG Key ID: ADE0C41DAB221FCC
1 changed files with 2 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
hosts/plover/modules/services/wireguard.nix
View File

@ -12,9 +12,6 @@ let
desktopPeerAddresses = with wireguardPeers.desktop; [ "${IPv4}/32" "${IPv6}/128" ]; desktopPeerAddresses = with wireguardPeers.desktop; [ "${IPv4}/32" "${IPv6}/128" ];
phonePeerAddresses = with wireguardPeers.phone; [ "${IPv4}/32" "${IPv6}/128" ]; phonePeerAddresses = with wireguardPeers.phone; [ "${IPv4}/32" "${IPv6}/128" ];
internalDomains = [
"~${config.networking.fqdn}"
];
in in
{ {
environment.systemPackages = [ pkgs.wireguard-tools ]; environment.systemPackages = [ pkgs.wireguard-tools ];
@ -22,6 +19,8 @@ in
networking.firewall.allowedUDPPorts = [ wireguardPort ]; networking.firewall.allowedUDPPorts = [ wireguardPort ];
systemd.network = { systemd.network = {
wait-online.ignoredInterfaces = [ wireguardIFName ];
netdevs."99-${wireguardIFName}" = { netdevs."99-${wireguardIFName}" = {
netdevConfig = { netdevConfig = {
Name = wireguardIFName; Name = wireguardIFName;
@ -57,32 +56,10 @@ in
networks."99-${wireguardIFName}" = { networks."99-${wireguardIFName}" = {
matchConfig.Name = wireguardIFName; matchConfig.Name = wireguardIFName;
networkConfig.DNS = with interfaces.internal; [
IPv4.address
IPv6.address
];
linkConfig.RequiredForOnline = "no";
address = with interfaces.wireguard0; [ address = with interfaces.wireguard0; [
"${IPv4.address}/14" "${IPv4.address}/14"
"${IPv6.address}/64" "${IPv6.address}/64"
]; ];
routes = [
{
routeConfig = {
Gateway = wireguardPeers.server.IPv4;
Destination =
let
ip = lib.strings.splitString "." wireguardPeers.server.IPv4;
properRange = lib.lists.take 3 ip ++ [ "0" ];
ip' = lib.concatStringsSep "." properRange;
in
"${ip'}/16";
};
}
];
}; };
}; };
} }