From cce107a9bbdd7c0b342a1c597af2cd9684c1d498 Mon Sep 17 00:00:00 2001
From: Bruno BELANYI <bruno@belanyi.fr>
Date: Tue, 12 Dec 2023 14:09:10 +0000
Subject: [PATCH] nixos: services: wireguard: add VPN conflicts

It's now easier to do the right thing when starting a VPN service,
whether the other one is running or not.
---
 modules/nixos/services/wireguard/default.nix | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/modules/nixos/services/wireguard/default.nix b/modules/nixos/services/wireguard/default.nix
index fc5518d..6c0ef91 100644
--- a/modules/nixos/services/wireguard/default.nix
+++ b/modules/nixos/services/wireguard/default.nix
@@ -261,5 +261,11 @@ in
     (lib.mkIf (cfg.internal.enable && !cfg.internal.startAtBoot) {
       systemd.services."wg-quick-${cfg.internal.name}".wantedBy = lib.mkForce [ ];
     })
+
+    # Make systemd shut down one service when starting the other
+    (lib.mkIf (cfg.internal.enable) {
+      systemd.services."wg-quick-${cfg.iface}".conflicts = [ "wg-quick-${cfg.internal.name}.service" ];
+      systemd.services."wg-quick-${cfg.internal.name}".conflicts = [ "wg-quick-${cfg.iface}.service" ];
+    })
   ]);
 }