|
|
|
@ -13,7 +13,7 @@ with lib;
|
|
|
|
"wirenix-peer-${localPeerName}" = {
|
|
|
|
"wirenix-peer-${localPeerName}" = {
|
|
|
|
owner = "root";
|
|
|
|
owner = "root";
|
|
|
|
mode = "640";
|
|
|
|
mode = "640";
|
|
|
|
group = if config.wirenix.configurer == "networkd" then "systemd-network" else "root";
|
|
|
|
group = if (builtins.match ".*networkd.*" config.wirenix.configurer != null) then "systemd-network" else "root";
|
|
|
|
rekeyFile = config.wirenix.secretsDir + /wirenix-peer- + localPeerName + ".age";
|
|
|
|
rekeyFile = config.wirenix.secretsDir + /wirenix-peer- + localPeerName + ".age";
|
|
|
|
generator.script = {pkgs, file, ...}: ''
|
|
|
|
generator.script = {pkgs, file, ...}: ''
|
|
|
|
priv=$(${pkgs.wireguard-tools}/bin/wg genkey)
|
|
|
|
priv=$(${pkgs.wireguard-tools}/bin/wg genkey)
|
|
|
|
@ -25,7 +25,7 @@ with lib;
|
|
|
|
mapAttrs' (name: value: nameValuePair ("wirenix-subnet-${name}") {
|
|
|
|
mapAttrs' (name: value: nameValuePair ("wirenix-subnet-${name}") {
|
|
|
|
owner = "root";
|
|
|
|
owner = "root";
|
|
|
|
mode = "640";
|
|
|
|
mode = "640";
|
|
|
|
group = if config.wirenix.configurer == "networkd" then "systemd-network" else "root";
|
|
|
|
group = if (builtins.match ".*networkd.*" config.wirenix.configurer != null) then "systemd-network" else "root";
|
|
|
|
rekeyFile = config.wirenix.secretsDir + /wirenix-subnet- + name + ".age";
|
|
|
|
rekeyFile = config.wirenix.secretsDir + /wirenix-subnet- + name + ".age";
|
|
|
|
generator.script = {pkgs, ...}: ''
|
|
|
|
generator.script = {pkgs, ...}: ''
|
|
|
|
psk=$(${pkgs.wireguard-tools}/bin/wg genpsk)
|
|
|
|
psk=$(${pkgs.wireguard-tools}/bin/wg genpsk)
|
|
|
|
|
Matthew Salerno
10 months ago