From 39254cca0ea74ca7c84c3de3f85102dbf4d39f44 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Fri, 17 Mar 2023 18:18:25 +0100 Subject: keep wg-quick code as reference --- nix/deuxfleurs.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/nix/deuxfleurs.nix b/nix/deuxfleurs.nix index 7c97ebf..ba8cdfc 100644 --- a/nix/deuxfleurs.nix +++ b/nix/deuxfleurs.nix @@ -264,6 +264,18 @@ in endpoint = endpoint; }) cfg.cluster_nodes; }; + # Old code for wg-quick, we can use this as a fallback if we fail to make wgautomesh work + # systemd.services."wg-quick-wg0".after = [ "unbound.service" ]; + # networking.wg-quick.interfaces.wg0 = { + # address = [ "${cfg.cluster_ip}/16" ]; + # listenPort = cfg.wireguard_port; + # privateKeyFile = "/var/lib/deuxfleurs/wireguard-keys/private"; + # mtu = 1420; + # peers = map ({ publicKey, endpoint, IP, site_name, lan_endpoint, ... }: { + # inherit publicKey endpoint; + # allowedIPs = [ "${IP}/32" ]; + # persistentKeepalive = 25; + # }; system.activationScripts.generate_df_wg_key = '' if [ ! -f /var/lib/deuxfleurs/wireguard-keys/private ]; then -- cgit v1.2.3