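# Builds the `networking.wireguard` configuration for the local peer.
#
# Arguments:
#   { config, lib, ... }  the usual NixOS module arguments; only
#                         `config.wirenix.peerName` is read from `config`.
#   intermediateConfig    attribute set with a `peers` attribute keyed by peer
#                         name; the entry selected by `config.wirenix.peerName`
#                         describes this machine.
#
# Result: one WireGuard interface named "wg-<subnet>" per entry in
# `thisPeer.subnetConnections`, each carrying one peer definition per entry in
# that subnet's `peerConnections`.
{ config, lib, ... }: intermediateConfig:
let
  # Take exactly the library functions used here instead of stacking several
  # `with` scopes, so no unrelated name can be pulled in or shadowed silently.
  inherit (lib) flip mapAttrs' mapAttrsToList mkIf mkMerge;

  thisPeer = intermediateConfig.peers."${config.wirenix.peerName}";

  # Argument-flipped variants so the attribute set comes before the (long) lambda.
  forEachAttr' = flip mapAttrs';
  forEachAttrToList = flip mapAttrsToList;
in
{
  networking.wireguard = {
    interfaces = forEachAttr' thisPeer.subnetConnections (name: subnetConnection: {
      name = "wg-${name}";
      value = {
        ips = subnetConnection.ipAddresses;
        listenPort = subnetConnection.listenPort;
        # The key is referenced by path and not embedded in the configuration.
        # NOTE(review): confirm this is a string pointing at a runtime secret
        # (outside the Nix store, readable by root only); a Nix path literal
        # would be copied into the world-readable store.
        privateKeyFile = thisPeer.privateKeyFile;
        peers = forEachAttrToList subnetConnection.peerConnections (peerName: peerConnection: mkMerge [
          {
            name = peerName;
            publicKey = peerConnection.peer.publicKey;
            # WireGuard accepts traffic from this peer only when the source
            # address falls inside allowedIPs, so this list should stay limited
            # to the addresses that peer actually owns.
            allowedIPs = peerConnection.ipAddresses;
            # toString keeps the interpolation valid if the port is declared as
            # an integer; a string port passes through unchanged.
            # NOTE(review): an IPv6 literal must already be bracketed in
            # `endpoint.ip` for "<ip>:<port>" to be parsed correctly - confirm.
            endpoint = "${peerConnection.endpoint.ip}:${toString peerConnection.endpoint.port}";
          }
          # Each mkIf application must be parenthesised: inside a list Nix
          # separates elements by whitespace, so a bare `mkIf cond { ... }` is
          # read as three unrelated elements (a function, a bool and a set)
          # and the conditional is never applied.
          # NOTE(review): every peer connection is assumed to carry an
          # `endpoint` attribute; the `?` tests fail to evaluate without it.
          (mkIf (peerConnection.endpoint ? persistentKeepalive) {
            persistentKeepalive = peerConnection.endpoint.persistentKeepalive;
          })
          (mkIf (peerConnection.endpoint ? dynamicEndpointRefreshSeconds) {
            dynamicEndpointRefreshSeconds = peerConnection.endpoint.dynamicEndpointRefreshSeconds;
          })
          (mkIf (peerConnection.endpoint ? dynamicEndpointRefreshRestartSeconds) {
            dynamicEndpointRefreshRestartSeconds = peerConnection.endpoint.dynamicEndpointRefreshRestartSeconds;
          })
        ]);
      };
    });
  };
}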