ryan
/
wirenix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
release
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e3c89e816f'
${ noResults }
wirenix/configurers/static.nix

45 lines
2.1 KiB
Nix
Raw Blame History

{lib, ...}@inputs: keyProviders: intermediateConfig: peerName:
with lib.trivial;
with lib.attrsets;
with lib.lists;
with lib;
with builtins;
with import ../lib.nix;
let
thisPeer = intermediateConfig.peers."${peerName}";
# these aren't really important, I just wanted to reverse the argument order
forEachAttr' = flip mapAttrs';
forEachAttrToList = flip mapAttrsToList;
keyProvidersInit = map (x: x inputs intermediateConfig peerName) keyProviders;
getPeerPubKey = otherPeerName: findFirst (x: x != null) (throw "Wirenix: Could not find public key for " + otherPeerName)
(map (provider: provider.getPeerPubKey otherPeerName) keyProvidersInit);
getPrivKeyFile = getPrivKeyFile (x: x != null) (throw "Wirenix: Could not find private key file for " + peerName)
(map (provider: provider.getPrivKeyFile) keyProvidersInit);
getPubKey = findFirst (x: x != null) (throw "Wirenix: Could not find public key for " + peerName)
(map (provider: provider.getPubKey) keyProvidersInit);
getSubnetPSKFile = subnetName: findFirst (x: x != null) (null)
(map (provider: provider.getSubnetPSKFile subnetName) keyProvidersInit);
in
{
networking.wireguard = {
interfaces = forEachAttr' thisPeer.subnetConnections (subnetName: subnetConnection: { name = "wn-${subnetName}";
value = {
ips = subnetConnection.ipAddresses;
listenPort = subnetConnection.listenPort;
privateKeyFile = getPrivKeyFile;
peers = forEachAttrToList subnetConnection.peerConnections (otherPeerName: peerConnection:
{
name = otherPeerName;
publicKey = getPeerPubKey otherPeerName;
presharedKeyFile = getSubnetPSKFile subnetName;
allowedIPs = peerConnection.ipAddresses;
endpoint = "${peerConnection.endpoint.ip}:${builtins.toString peerConnection.endpoint.port}";
}
// (mergeIf peerConnection.endpoint "persistentKeepalive")
// (mergeIf peerConnection.endpoint "dynamicEndpointRefreshSeconds")
// (mergeIf peerConnection.endpoint "dynamicEndpointRefreshRestartSeconds")
);
};}
);
};
}
Reference in New Issue View Git Blame Copy Permalink