diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-10-10 14:13:50 +0200 |
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-10-10 14:13:50 +0200 |
| commit | 5307f754308dcdc4d4eeecff1715409ae1c3a265 (patch) | |
| tree | c3adf5cd34581a52af34e674eb187f9b463c4bab | |
| parent | fd0d76cff24790194a27c8ed3ff47d83fedc8245 (diff) | |
| download | nixos-5307f754308dcdc4d4eeecff1715409ae1c3a265.tar nixos-5307f754308dcdc4d4eeecff1715409ae1c3a265.tar.gz nixos-5307f754308dcdc4d4eeecff1715409ae1c3a265.tar.bz2 nixos-5307f754308dcdc4d4eeecff1715409ae1c3a265.tar.xz nixos-5307f754308dcdc4d4eeecff1715409ae1c3a265.zip | |
yggdrasil-wg: ...
| -rw-r--r-- | modules/yggdrasil-wg/default.nix | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix index db7780fb..67bb34f5 100644 --- a/modules/yggdrasil-wg/default.nix +++ b/modules/yggdrasil-wg/default.nix | |||
| @@ -86,8 +86,10 @@ in { | |||
| 86 | systemd.services = listToAttrs (filter ({ value, ...}: value != null) (imap0 (ix: opts@{to, from, ...}: let other = if from == hostName then to else from; in nameValuePair "yggdrasil-udp2raw@${other}" (if opts ? "endpointHost" && (from == hostName || to == hostName) then { | 86 | systemd.services = listToAttrs (filter ({ value, ...}: value != null) (imap0 (ix: opts@{to, from, ...}: let other = if from == hostName then to else from; in nameValuePair "yggdrasil-udp2raw@${other}" (if opts ? "endpointHost" && (from == hostName || to == hostName) then { |
| 87 | path = with pkgs; [iptables]; | 87 | path = with pkgs; [iptables]; |
| 88 | serviceConfig = { | 88 | serviceConfig = { |
| 89 | RuntimeDirectory = ["config"]; | 89 | RuntimeDirectory = ["udp2raw-config-${other}"]; |
| 90 | RuntimeDirectoryMode = "0700"; | ||
| 90 | ExecStartPre = pkgs.writeShellScript "udp2raw-mkconfig-${other}.sh" '' | 91 | ExecStartPre = pkgs.writeShellScript "udp2raw-mkconfig-${other}.sh" '' |
| 92 | umask 0077 | ||
| 91 | secret=$(cat ${config.sops.secrets."yggdrasil-udp2raw-secret".path}) | 93 | secret=$(cat ${config.sops.secrets."yggdrasil-udp2raw-secret".path}) |
| 92 | cat >''${RUNTIME_DIRECTORY}/udp2raw.conf <<EOF | 94 | cat >''${RUNTIME_DIRECTORY}/udp2raw.conf <<EOF |
| 93 | ${if from == hostName then '' | 95 | ${if from == hostName then '' |