diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-10-10 13:34:23 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-10-10 13:34:23 +0200 |
commit | 36f532f5dda1cd1a9bc9a4061f9e218bc2126dec (patch) | |
tree | 1be103c6d934f63441c88f7e38814cbee30e9fcc /modules/yggdrasil-wg | |
parent | 8e406c0954876f1c08392601bd8b6f178725f4e5 (diff) | |
download | nixos-36f532f5dda1cd1a9bc9a4061f9e218bc2126dec.tar nixos-36f532f5dda1cd1a9bc9a4061f9e218bc2126dec.tar.gz nixos-36f532f5dda1cd1a9bc9a4061f9e218bc2126dec.tar.bz2 nixos-36f532f5dda1cd1a9bc9a4061f9e218bc2126dec.tar.xz nixos-36f532f5dda1cd1a9bc9a4061f9e218bc2126dec.zip |
yggdrasil-wg: ...
Diffstat (limited to 'modules/yggdrasil-wg')
-rw-r--r-- | modules/yggdrasil-wg/default.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix index 34c1f1e5..6b0405d9 100644 --- a/modules/yggdrasil-wg/default.nix +++ b/modules/yggdrasil-wg/default.nix | |||
@@ -83,12 +83,12 @@ in { | |||
83 | }; | 83 | }; |
84 | }; | 84 | }; |
85 | 85 | ||
86 | systemd.services = listToAttrs (filter ({ value, ...}: value != null) (imap0 (ix: opts@{to, from, ...}: let other = if from == hostName then to else from; in nameValuePair "yggdrasil-udp2raw@${other}" (if opts ? "endpointHost" then { | 86 | systemd.services = listToAttrs (filter ({ value, ...}: value != null) (imap0 (ix: opts@{to, from, ...}: let other = if from == hostName then to else from; in nameValuePair "yggdrasil-udp2raw@${other}" (if opts ? "endpointHost" && (from == hostName || to == hostName) then { |
87 | path = with pkgs; [iptables]; | 87 | path = with pkgs; [iptables]; |
88 | serviceConfig = { | 88 | serviceConfig = { |
89 | ExecStart = "${pkgs.udp2raw}/bin/udp2raw ${if from == hostName then "-c -l 127.0.0.1:${toString (udp2rawPort + ix)} -r ${opts.endpointHost}:${toString (udp2rawPort + ix)}" else "-s -l 0.0.0.0:${toString (udp2rawPort + ix)} -r 127.0.0.1:${toString listenPort}"} -k tmpkey --auth-mode hmac_sha1 --raw-mode faketcp -a"; | 89 | ExecStart = "${pkgs.udp2raw}/bin/udp2raw ${if from == hostName then "-c -l 127.0.0.1:${toString (udp2rawPort + ix)} -r ${opts.endpointHost}:${toString (udp2rawPort + ix)}" else "-s -l 0.0.0.0:${toString (udp2rawPort + ix)} -r 127.0.0.1:${toString listenPort}"} -k tmpkey --auth-mode hmac_sha1 --raw-mode faketcp -a"; |
90 | }; | 90 | }; |
91 | } else null)) hostLinks)) // { | 91 | } else null)) links)) // { |
92 | "wireguard-yggdrasil" = { | 92 | "wireguard-yggdrasil" = { |
93 | requires = filter (value: value != null) (map (opts@{to, from, ...}: let other = if from == hostName then to else from; in if opts ? "endpointHost" then "yggdrasil-udp2raw@${other}" else null) hostLinks); | 93 | requires = filter (value: value != null) (map (opts@{to, from, ...}: let other = if from == hostName then to else from; in if opts ? "endpointHost" then "yggdrasil-udp2raw@${other}" else null) hostLinks); |
94 | after = filter (value: value != null) (map (opts@{to, from, ...}: let other = if from == hostName then to else from; in if opts ? "endpointHost" then "yggdrasil-udp2raw@${other}" else null) hostLinks); | 94 | after = filter (value: value != null) (map (opts@{to, from, ...}: let other = if from == hostName then to else from; in if opts ? "endpointHost" then "yggdrasil-udp2raw@${other}" else null) hostLinks); |