summaryrefslogtreecommitdiff
path: root/modules/yggdrasil-wg/default.nix
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2021-10-10 14:13:50 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2021-10-10 14:13:50 +0200
commit5307f754308dcdc4d4eeecff1715409ae1c3a265 (patch)
treec3adf5cd34581a52af34e674eb187f9b463c4bab /modules/yggdrasil-wg/default.nix
parentfd0d76cff24790194a27c8ed3ff47d83fedc8245 (diff)
downloadnixos-5307f754308dcdc4d4eeecff1715409ae1c3a265.tar
nixos-5307f754308dcdc4d4eeecff1715409ae1c3a265.tar.gz
nixos-5307f754308dcdc4d4eeecff1715409ae1c3a265.tar.bz2
nixos-5307f754308dcdc4d4eeecff1715409ae1c3a265.tar.xz
nixos-5307f754308dcdc4d4eeecff1715409ae1c3a265.zip
yggdrasil-wg: ...
Diffstat (limited to 'modules/yggdrasil-wg/default.nix')
-rw-r--r--modules/yggdrasil-wg/default.nix4
1 files changed, 3 insertions, 1 deletions
diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix
index db7780fb..67bb34f5 100644
--- a/modules/yggdrasil-wg/default.nix
+++ b/modules/yggdrasil-wg/default.nix
@@ -86,8 +86,10 @@ in {
86 systemd.services = listToAttrs (filter ({ value, ...}: value != null) (imap0 (ix: opts@{to, from, ...}: let other = if from == hostName then to else from; in nameValuePair "yggdrasil-udp2raw@${other}" (if opts ? "endpointHost" && (from == hostName || to == hostName) then { 86 systemd.services = listToAttrs (filter ({ value, ...}: value != null) (imap0 (ix: opts@{to, from, ...}: let other = if from == hostName then to else from; in nameValuePair "yggdrasil-udp2raw@${other}" (if opts ? "endpointHost" && (from == hostName || to == hostName) then {
87 path = with pkgs; [iptables]; 87 path = with pkgs; [iptables];
88 serviceConfig = { 88 serviceConfig = {
89 RuntimeDirectory = ["config"]; 89 RuntimeDirectory = ["udp2raw-config-${other}"];
90 RuntimeDirectoryMode = "0700";
90 ExecStartPre = pkgs.writeShellScript "udp2raw-mkconfig-${other}.sh" '' 91 ExecStartPre = pkgs.writeShellScript "udp2raw-mkconfig-${other}.sh" ''
92 umask 0077
91 secret=$(cat ${config.sops.secrets."yggdrasil-udp2raw-secret".path}) 93 secret=$(cat ${config.sops.secrets."yggdrasil-udp2raw-secret".path})
92 cat >''${RUNTIME_DIRECTORY}/udp2raw.conf <<EOF 94 cat >''${RUNTIME_DIRECTORY}/udp2raw.conf <<EOF
93 ${if from == hostName then '' 95 ${if from == hostName then ''