aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2023-03-17 18:18:25 +0100
committerAlex Auvolat <alex@adnab.me>2023-03-17 18:18:25 +0100
commit39254cca0ea74ca7c84c3de3f85102dbf4d39f44 (patch)
tree70a6fdfa812467b7e006ece3d29750608f7864dd
parentf629f4c17187be0561cd27cd042270c33d2b2d98 (diff)
downloadnixcfg-39254cca0ea74ca7c84c3de3f85102dbf4d39f44.tar.gz
nixcfg-39254cca0ea74ca7c84c3de3f85102dbf4d39f44.zip
keep wg-quick code as reference
-rw-r--r--nix/deuxfleurs.nix12
1 files changed, 12 insertions, 0 deletions
diff --git a/nix/deuxfleurs.nix b/nix/deuxfleurs.nix
index 7c97ebf..ba8cdfc 100644
--- a/nix/deuxfleurs.nix
+++ b/nix/deuxfleurs.nix
@@ -264,6 +264,18 @@ in
endpoint = endpoint;
}) cfg.cluster_nodes;
};
+ # Old code for wg-quick, we can use this as a fallback if we fail to make wgautomesh work
+ # systemd.services."wg-quick-wg0".after = [ "unbound.service" ];
+ # networking.wg-quick.interfaces.wg0 = {
+ # address = [ "${cfg.cluster_ip}/16" ];
+ # listenPort = cfg.wireguard_port;
+ # privateKeyFile = "/var/lib/deuxfleurs/wireguard-keys/private";
+ # mtu = 1420;
+ # peers = map ({ publicKey, endpoint, IP, site_name, lan_endpoint, ... }: {
+ # inherit publicKey endpoint;
+ # allowedIPs = [ "${IP}/32" ];
+ # persistentKeepalive = 25;
+ # };
system.activationScripts.generate_df_wg_key = ''
if [ ! -f /var/lib/deuxfleurs/wireguard-keys/private ]; then