colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

WIP: wg-dev

Browse Source
This commit is contained in:
Colin 2024-01-15 04:15:17 +00:00
parent 0efec20904
commit c45898f903
1 changed files with 33 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
hosts/common/net/vpn.nix
View File

@ -9,19 +9,39 @@
# N.B.: maximum interface name in Linux is 15 characters. # N.B.: maximum interface name in Linux is 15 characters.
let let
def-wg-vpn = name: { endpoint, publicKey, address, dns, privateKeyFile }: { def-wg-vpn = name: { endpoint, publicKey, address, dns, privateKeyFile }: {
networking.wg-quick.interfaces."${name}" = { # networking.wg-quick.interfaces."${name}" = {
inherit address privateKeyFile dns; # inherit address privateKeyFile dns;
peers = [ # peers = [
{ # {
allowedIPs = [ # allowedIPs = [
# "0.0.0.0/0"
# "::/0"
# ];
# inherit endpoint publicKey;
# }
# ];
# # to start: `systemctl start wg-quick-${name}`
# autostart = false;
# };
systemd.network.netdevs."${name}" = {
# see: `man 5 systemd.netdev`
wireguardConfig = {
PrivateKeyFile = privateKeyFile;
};
wireguardPeers = [{
AllowedIPs = [
"0.0.0.0/0" "0.0.0.0/0"
"::/0" "::/0"
]; ];
inherit endpoint publicKey; Endpoint = endpoint;
} PublicKey = publicKey;
]; }];
# to start: `systemctl start wg-quick-${name}` };
autostart = false; systemd.network.networks."${name}" = {
# see: `man 5 systemd.network`
matchConfig.Name = name;
networkConfig.Address = address;
networkConfig.DNS = dns;
}; };
}; };
def-ovpn = name: { endpoint, publicKey, address }: def-wg-vpn "ovpnd-${name}" { def-ovpn = name: { endpoint, publicKey, address }: def-wg-vpn "ovpnd-${name}" {