c3d2/nix-config
c3d2
/
nix-config
24
7
Fork 3
Code Issues 12 Pull Requests 2 Releases Wiki Activity

dn42: fix wireguard

This commit is contained in:
Astro 2020-04-24 19:28:37 +02:00
parent 68f6b337c9
commit ea275446d5
1 changed files with 16 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
hosts/containers/dn42/configuration.nix
View File

@ -70,20 +70,22 @@ in {
servers = builtins.mapAttrs (name: conf: mkServer name conf) openvpnNeighbors; servers = builtins.mapAttrs (name: conf: mkServer name conf) openvpnNeighbors;
}; };
networking.wireguard.enable = true; networking.wireguard = {
networking.wireguard.interfaces = enable = true;
let interfaces =
wireguardNeighbors = lib.filterAttrs (_: conf: conf ? wireguard) neighbors; let
in wireguardNeighbors = lib.filterAttrs (_: conf: conf ? wireguard) neighbors;
builtins.mapAttrs (_: conf: { in
inherit (conf.wireguard) listenPort privateKey; builtins.mapAttrs (_: conf: {
ips = [ "${address4}/32" "${address6}/128" ]; inherit (conf.wireguard) listenPort privateKey;
peers = [ { ips = [ "${address4}/32" "${address6}/128" ];
inherit (conf.wireguard) endpoint publicKey; peers = [ {
allowedIPs = [ "0.0.0.0/0" "::0/0" ]; inherit (conf.wireguard) endpoint publicKey;
persistentKeepalive = 30; allowedIPs = [ "0.0.0.0/0" "::0/0" ];
} ]; persistentKeepalive = 30;
}) wireguardNeighbors; } ];
}) wireguardNeighbors;
};
services.bird2 = { services.bird2 = {
enable = true; enable = true;