dn42: implement wireguard
This commit is contained in:
parent
2fc4716870
commit
52387b4db7
|
@ -70,6 +70,20 @@ in {
|
|||
servers = builtins.mapAttrs (name: conf: mkServer name conf) openvpnNeighbors;
|
||||
};
|
||||
|
||||
wireguard.interfaces =
|
||||
let
|
||||
wireguardNeighbors = lib.filterAttrs (_: conf: conf ? wireguard) neighbors;
|
||||
in
|
||||
builtins.mapAttrs (_: conf: {
|
||||
inherit (conf.wireguard) privateKey;
|
||||
ips = [ "${address4}/32" "${address6}/128" ];
|
||||
peers = [ {
|
||||
inherit (conf.wireguard) endpoint publicKey;
|
||||
allowedIPs = [ "0.0.0.0/0" "::0/0" ];
|
||||
persistentKeepalive = 30;
|
||||
} ];
|
||||
}) wireguardNeighbors;
|
||||
|
||||
services.bird2 = {
|
||||
enable = true;
|
||||
config =
|
||||
|
|
2
secrets
2
secrets
|
@ -1 +1 @@
|
|||
Subproject commit 8f732b652a03432da81ed67aa9d968d6842ed0b4
|
||||
Subproject commit 62c54789642e6e437beccd0868923032f5440899
|
Loading…
Reference in New Issue