diff options
| author | Alex Auvolat <alex@adnab.me> | 2023-03-17 18:18:25 +0100 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2023-03-17 18:18:25 +0100 |
| commit | 39254cca0ea74ca7c84c3de3f85102dbf4d39f44 (patch) | |
| tree | 70a6fdfa812467b7e006ece3d29750608f7864dd | |
| parent | f629f4c17187be0561cd27cd042270c33d2b2d98 (diff) | |
| download | nixcfg-39254cca0ea74ca7c84c3de3f85102dbf4d39f44.tar.gz nixcfg-39254cca0ea74ca7c84c3de3f85102dbf4d39f44.zip | |
keep wg-quick code as reference
| -rw-r--r-- | nix/deuxfleurs.nix | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/nix/deuxfleurs.nix b/nix/deuxfleurs.nix index 7c97ebf..ba8cdfc 100644 --- a/nix/deuxfleurs.nix +++ b/nix/deuxfleurs.nix @@ -264,6 +264,18 @@ in endpoint = endpoint; }) cfg.cluster_nodes; }; + # Old code for wg-quick, we can use this as a fallback if we fail to make wgautomesh work + # systemd.services."wg-quick-wg0".after = [ "unbound.service" ]; + # networking.wg-quick.interfaces.wg0 = { + # address = [ "${cfg.cluster_ip}/16" ]; + # listenPort = cfg.wireguard_port; + # privateKeyFile = "/var/lib/deuxfleurs/wireguard-keys/private"; + # mtu = 1420; + # peers = map ({ publicKey, endpoint, IP, site_name, lan_endpoint, ... }: { + # inherit publicKey endpoint; + # allowedIPs = [ "${IP}/32" ]; + # persistentKeepalive = 25; + # }; system.activationScripts.generate_df_wg_key = '' if [ ! -f /var/lib/deuxfleurs/wireguard-keys/private ]; then |