ambroisie/nix-config
ambroisie/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

modules: services: wireguard: simplify

Browse source
This commit is contained in:
Bruno BELANYI 2023-05-03 14:44:10 +00:00
parent 49b2cb9781
commit 2f3989bba1
1 changed files with 25 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
modules/services/wireguard/default.nix
View file

@ -8,40 +8,31 @@ let
secrets = config.age.secrets; secrets = config.age.secrets;
hostName = config.networking.hostName; hostName = config.networking.hostName;
peers = peers = {
let # "Server"
mkPeer = name: attrs: { porthos = {
inherit (attrs) clientNum publicKey; clientNum = 1;
privateKeyFile = secrets."wireguard/private-key".path; publicKey = "PLdgsizztddri0LYtjuNHr5r2E8D+yI+gM8cm5WDfHQ=";
} // lib.optionalAttrs (attrs ? externalIp) { externalIp = "91.121.177.163";
inherit (attrs) externalIp;
};
in
lib.mapAttrs mkPeer {
# "Server"
porthos = {
clientNum = 1;
publicKey = "PLdgsizztddri0LYtjuNHr5r2E8D+yI+gM8cm5WDfHQ=";
externalIp = "91.121.177.163";
};
# "Clients"
aramis = {
clientNum = 2;
publicKey = "QJSWIBS1mXTpxYybLlKu/Y5wy0GFbUfn4yPzpF1DZDc=";
};
richelieu = {
clientNum = 3;
publicKey = "w4IADAj2Tt7Qe95a0RxDv9ovg/Dr/f3q1LrVOPF48Rk=";
};
# Sarah's iPhone
milady = {
clientNum = 4;
publicKey = "3MKEu4F6o8kww54xeAao5Uet86fv8z/QsZ2L2mOzqDQ=";
};
}; };
# "Clients"
aramis = {
clientNum = 2;
publicKey = "QJSWIBS1mXTpxYybLlKu/Y5wy0GFbUfn4yPzpF1DZDc=";
};
richelieu = {
clientNum = 3;
publicKey = "w4IADAj2Tt7Qe95a0RxDv9ovg/Dr/f3q1LrVOPF48Rk=";
};
# Sarah's iPhone
milady = {
clientNum = 4;
publicKey = "3MKEu4F6o8kww54xeAao5Uet86fv8z/QsZ2L2mOzqDQ=";
};
};
thisPeer = peers."${hostName}"; thisPeer = peers."${hostName}";
thisPeerIsServer = thisPeer ? externalIp; thisPeerIsServer = thisPeer ? externalIp;
# Only connect to clients from server, and only connect to server from clients # Only connect to clients from server, and only connect to server from clients
@ -60,7 +51,7 @@ let
"${v4.subnet}.${toString thisPeer.clientNum}/${toString v4.mask}" "${v4.subnet}.${toString thisPeer.clientNum}/${toString v4.mask}"
"${v6.subnet}::${toString thisPeer.clientNum}/${toHexString v6.mask}" "${v6.subnet}::${toString thisPeer.clientNum}/${toHexString v6.mask}"
]; ];
inherit (thisPeer) privateKeyFile; privateKeyFile = secrets."wireguard/private-key".path;
peers = peers =
let let