summaryrefslogtreecommitdiff
path: root/modules/yggdrasil-wg
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2021-10-10 13:34:23 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2021-10-10 13:34:23 +0200
commit36f532f5dda1cd1a9bc9a4061f9e218bc2126dec (patch)
tree1be103c6d934f63441c88f7e38814cbee30e9fcc /modules/yggdrasil-wg
parent8e406c0954876f1c08392601bd8b6f178725f4e5 (diff)
downloadnixos-36f532f5dda1cd1a9bc9a4061f9e218bc2126dec.tar
nixos-36f532f5dda1cd1a9bc9a4061f9e218bc2126dec.tar.gz
nixos-36f532f5dda1cd1a9bc9a4061f9e218bc2126dec.tar.bz2
nixos-36f532f5dda1cd1a9bc9a4061f9e218bc2126dec.tar.xz
nixos-36f532f5dda1cd1a9bc9a4061f9e218bc2126dec.zip
yggdrasil-wg: ...
Diffstat (limited to 'modules/yggdrasil-wg')
-rw-r--r--modules/yggdrasil-wg/default.nix4
1 files changed, 2 insertions, 2 deletions
diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix
index 34c1f1e5..6b0405d9 100644
--- a/modules/yggdrasil-wg/default.nix
+++ b/modules/yggdrasil-wg/default.nix
@@ -83,12 +83,12 @@ in {
83 }; 83 };
84 }; 84 };
85 85
86 systemd.services = listToAttrs (filter ({ value, ...}: value != null) (imap0 (ix: opts@{to, from, ...}: let other = if from == hostName then to else from; in nameValuePair "yggdrasil-udp2raw@${other}" (if opts ? "endpointHost" then { 86 systemd.services = listToAttrs (filter ({ value, ...}: value != null) (imap0 (ix: opts@{to, from, ...}: let other = if from == hostName then to else from; in nameValuePair "yggdrasil-udp2raw@${other}" (if opts ? "endpointHost" && (from == hostName || to == hostName) then {
87 path = with pkgs; [iptables]; 87 path = with pkgs; [iptables];
88 serviceConfig = { 88 serviceConfig = {
89 ExecStart = "${pkgs.udp2raw}/bin/udp2raw ${if from == hostName then "-c -l 127.0.0.1:${toString (udp2rawPort + ix)} -r ${opts.endpointHost}:${toString (udp2rawPort + ix)}" else "-s -l 0.0.0.0:${toString (udp2rawPort + ix)} -r 127.0.0.1:${toString listenPort}"} -k tmpkey --auth-mode hmac_sha1 --raw-mode faketcp -a"; 89 ExecStart = "${pkgs.udp2raw}/bin/udp2raw ${if from == hostName then "-c -l 127.0.0.1:${toString (udp2rawPort + ix)} -r ${opts.endpointHost}:${toString (udp2rawPort + ix)}" else "-s -l 0.0.0.0:${toString (udp2rawPort + ix)} -r 127.0.0.1:${toString listenPort}"} -k tmpkey --auth-mode hmac_sha1 --raw-mode faketcp -a";
90 }; 90 };
91 } else null)) hostLinks)) // { 91 } else null)) links)) // {
92 "wireguard-yggdrasil" = { 92 "wireguard-yggdrasil" = {
93 requires = filter (value: value != null) (map (opts@{to, from, ...}: let other = if from == hostName then to else from; in if opts ? "endpointHost" then "yggdrasil-udp2raw@${other}" else null) hostLinks); 93 requires = filter (value: value != null) (map (opts@{to, from, ...}: let other = if from == hostName then to else from; in if opts ? "endpointHost" then "yggdrasil-udp2raw@${other}" else null) hostLinks);
94 after = filter (value: value != null) (map (opts@{to, from, ...}: let other = if from == hostName then to else from; in if opts ? "endpointHost" then "yggdrasil-udp2raw@${other}" else null) hostLinks); 94 after = filter (value: value != null) (map (opts@{to, from, ...}: let other = if from == hostName then to else from; in if opts ? "endpointHost" then "yggdrasil-udp2raw@${other}" else null) hostLinks);