summaryrefslogtreecommitdiff
path: root/hosts/surtr/vpn/default.nix
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-08-09 11:23:00 +0300
committerGregor Kleen <gkleen@yggdrasil.li>2022-08-09 11:23:00 +0300
commitc1f62e9827efe7c8e303e3cfa70dac8f544312b1 (patch)
treed20ff0f367804bc87996c6312cebe2fa57b5bd4c /hosts/surtr/vpn/default.nix
parentde66ba821b2851cb23bcc7b064e84de3dd848e26 (diff)
downloadnixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.tar
nixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.tar.gz
nixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.tar.bz2
nixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.tar.xz
nixos-c1f62e9827efe7c8e303e3cfa70dac8f544312b1.zip
...
Diffstat (limited to 'hosts/surtr/vpn/default.nix')
-rw-r--r--hosts/surtr/vpn/default.nix13
1 files changed, 8 insertions, 5 deletions
diff --git a/hosts/surtr/vpn/default.nix b/hosts/surtr/vpn/default.nix
index 9d003f23..ba45e486 100644
--- a/hosts/surtr/vpn/default.nix
+++ b/hosts/surtr/vpn/default.nix
@@ -43,10 +43,13 @@ in {
43 "2620:fe::fe:10#dns10.quad9.net" 43 "2620:fe::fe:10#dns10.quad9.net"
44 ]; 44 ];
45 45
46 systemd.tmpfiles.rules = [ 46 systemd.services."systemd-networkd" = {
47 "d /etc/wireguard 0755 root systemd-network - -" 47 serviceConfig = {
48 "C /etc/wireguard/surtr.priv 0640 root systemd-network - /run/host/credentials/surtr.priv" 48 LoadCredential = [
49 ]; 49 "surtr.priv"
50 ];
51 };
52 };
50 53
51 systemd.network = { 54 systemd.network = {
52 netdevs = { 55 netdevs = {
@@ -56,7 +59,7 @@ in {
56 Kind = "wireguard"; 59 Kind = "wireguard";
57 }; 60 };
58 wireguardConfig = { 61 wireguardConfig = {
59 PrivateKeyFile = "/etc/wireguard/surtr.priv"; 62 PrivateKeyFile = "/run/credentials/systemd-networkd.service/surtr.priv";
60 ListenPort = 51820; 63 ListenPort = 51820;
61 }; 64 };
62 wireguardPeers = imap1 (i: { name, ip ? i }: { 65 wireguardPeers = imap1 (i: { name, ip ? i }: {
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 06:58:14 +0000