From be29ad8bd86afb83662d6e5117d3ddda3e6e3644 Mon Sep 17 00:00:00 2001 From: colin Date: Thu, 19 Jan 2023 07:45:14 +0000 Subject: [PATCH] servo: rename wg0 interface -> wg-ovpns --- hosts/servo/net.nix | 8 ++++---- hosts/servo/services/jackett.nix | 4 ++-- hosts/servo/services/postfix.nix | 8 ++++---- hosts/servo/services/transmission.nix | 4 ++-- pkgs/sane-scripts/src/sane-stop-all-servo | 2 +- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/hosts/servo/net.nix b/hosts/servo/net.nix index dc58aae5..3a392229 100644 --- a/hosts/servo/net.nix +++ b/hosts/servo/net.nix @@ -52,18 +52,18 @@ # services.resolved.extraConfig = '' # # docs: `man resolved.conf` - # # DNS servers to use via the `wg0` interface. + # # DNS servers to use via the `wg-ovpns` interface. # # i hope that from the root ns, these aren't visible. - # DNS=46.227.67.134%wg0 192.165.9.158%wg0 + # DNS=46.227.67.134%wg-ovpns 192.165.9.158%wg-ovpns # FallbackDNS=1.1.1.1 9.9.9.9 # ''; # OVPN CONFIG (https://www.ovpn.com): # DOCS: https://nixos.wiki/wiki/WireGuard - # if you `systemctl restart wireguard-wg0`, make sure to also restart any other services in `NetworkNamespacePath = .../ovpns`. + # if you `systemctl restart wireguard-wg-ovpns`, make sure to also restart any other services in `NetworkNamespacePath = .../ovpns`. # TODO: why not create the namespace as a seperate operation (nix config for that?) networking.wireguard.enable = true; - networking.wireguard.interfaces.wg0 = let + networking.wireguard.interfaces.wg-ovpns = let ip = "${pkgs.iproute2}/bin/ip"; in-ns = "${ip} netns exec ovpns"; iptables = "${pkgs.iptables}/bin/iptables"; diff --git a/hosts/servo/services/jackett.nix b/hosts/servo/services/jackett.nix index 0f647e6e..33e6bc8b 100644 --- a/hosts/servo/services/jackett.nix +++ b/hosts/servo/services/jackett.nix @@ -7,8 +7,8 @@ ]; services.jackett.enable = true; - systemd.services.jackett.after = [ "wireguard-wg0.service" ]; - systemd.services.jackett.partOf = [ "wireguard-wg0.service" ]; + systemd.services.jackett.after = [ "wireguard-wg-ovpns.service" ]; + systemd.services.jackett.partOf = [ "wireguard-wg-ovpns.service" ]; systemd.services.jackett.serviceConfig = { # run this behind the OVPN static VPN NetworkNamespacePath = "/run/netns/ovpns"; diff --git a/hosts/servo/services/postfix.nix b/hosts/servo/services/postfix.nix index 8bdc957b..1a64ed6a 100644 --- a/hosts/servo/services/postfix.nix +++ b/hosts/servo/services/postfix.nix @@ -110,8 +110,8 @@ in services.postfix.enableSubmissions = true; services.postfix.submissionsOptions = submissionOptions; - systemd.services.postfix.after = [ "wireguard-wg0.service" ]; - systemd.services.postfix.partOf = [ "wireguard-wg0.service" ]; + systemd.services.postfix.after = [ "wireguard-wg-ovpns.service" ]; + systemd.services.postfix.partOf = [ "wireguard-wg-ovpns.service" ]; systemd.services.postfix.serviceConfig = { # run this behind the OVPN static VPN NetworkNamespacePath = "/run/netns/ovpns"; @@ -132,8 +132,8 @@ in # keeping this the same as the hostname seems simplest services.opendkim.selector = "mx"; - systemd.services.opendkim.after = [ "wireguard-wg0.service" ]; - systemd.services.opendkim.partOf = [ "wireguard-wg0.service" ]; + systemd.services.opendkim.after = [ "wireguard-wg-ovpns.service" ]; + systemd.services.opendkim.partOf = [ "wireguard-wg-ovpns.service" ]; systemd.services.opendkim.serviceConfig = { # run this behind the OVPN static VPN NetworkNamespacePath = "/run/netns/ovpns"; diff --git a/hosts/servo/services/transmission.nix b/hosts/servo/services/transmission.nix index e7e22e51..554b6f5f 100644 --- a/hosts/servo/services/transmission.nix +++ b/hosts/servo/services/transmission.nix @@ -40,8 +40,8 @@ # transmission will by default not allow the world to read its files. services.transmission.downloadDirPermissions = "775"; - systemd.services.transmission.after = [ "wireguard-wg0.service" ]; - systemd.services.transmission.partOf = [ "wireguard-wg0.service" ]; + systemd.services.transmission.after = [ "wireguard-wg-ovpns.service" ]; + systemd.services.transmission.partOf = [ "wireguard-wg-ovpns.service" ]; systemd.services.transmission.serviceConfig = { # run this behind the OVPN static VPN NetworkNamespacePath = "/run/netns/ovpns"; diff --git a/pkgs/sane-scripts/src/sane-stop-all-servo b/pkgs/sane-scripts/src/sane-stop-all-servo index f049fe2e..0f6ea54f 100755 --- a/pkgs/sane-scripts/src/sane-stop-all-servo +++ b/pkgs/sane-scripts/src/sane-stop-all-servo @@ -10,4 +10,4 @@ sudo systemctl stop postgresql sudo systemctl stop duplicity.timer sudo systemctl stop duplicity sudo systemctl stop trust-dns -sudo systemctl stop wireguard-wg0 +sudo systemctl stop wireguard-wg-ovpns