dadada/nix-config
dadada/nix-config
1
0
Fork 0
Code Issues 2 Pull requests 5 Projects Releases Packages Wiki Activity Actions

switch to nixpkgs-fmt

Browse source
This commit is contained in:
Tim Schubert 2022-08-04 21:13:54 +02:00
parent 8cd6ed1502
commit c43341a8b2
Signed by: dadada
GPG key ID: EEB8D1CE62C4DFEA
69 changed files with 664 additions and 665 deletions
Download patch file Download diff file Expand all files Collapse all files

28
nixos/modules/vpnServer.nix
View file

@ -1,12 +1,11 @@
{
config,
pkgs,
lib,
...
{ config
, pkgs
, lib
, ...
}:
with lib; let
cfg = config.dadada.vpnServer;
wgPeer = {name, ...}: {
wgPeer = { name, ... }: {
options = {
name = mkOption {
internal = true;
@ -24,13 +23,14 @@ with lib; let
};
};
};
in {
in
{
options.dadada.vpnServer = {
enable = mkEnableOption "Enable wireguard gateway";
peers = mkOption {
description = "Set of extensions and public keys of peers";
type = with types; attrsOf (submodule wgPeer);
default = {};
default = { };
};
};
config = mkIf cfg.enable {
@ -39,15 +39,15 @@ in {
interfaces."wg0" = {
allowedIPsAsRoutes = true;
privateKeyFile = "/var/lib/wireguard/wg0-key";
ips = ["fd42:9c3b:f96d:0201::0/64"];
ips = [ "fd42:9c3b:f96d:0201::0/64" ];
listenPort = 51234;
peers =
map
(peer: {
allowedIPs = ["fd42:9c3b:f96d:0201::${peer.id}/128"];
publicKey = peer.key;
})
(attrValues cfg.peers);
(peer: {
allowedIPs = [ "fd42:9c3b:f96d:0201::${peer.id}/128" ];
publicKey = peer.key;
})
(attrValues cfg.peers);
postSetup = ''
wg set wg0 fwmark 51234
ip -6 route add table 2468 fd42:9c3b:f96d::/48 dev ens3