diff options
| -rw-r--r-- | modules/yggdrasil-wg/default.nix | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix index db7780fb..67bb34f5 100644 --- a/modules/yggdrasil-wg/default.nix +++ b/modules/yggdrasil-wg/default.nix | |||
| @@ -86,8 +86,10 @@ in { | |||
| 86 | systemd.services = listToAttrs (filter ({ value, ...}: value != null) (imap0 (ix: opts@{to, from, ...}: let other = if from == hostName then to else from; in nameValuePair "yggdrasil-udp2raw@${other}" (if opts ? "endpointHost" && (from == hostName || to == hostName) then { | 86 | systemd.services = listToAttrs (filter ({ value, ...}: value != null) (imap0 (ix: opts@{to, from, ...}: let other = if from == hostName then to else from; in nameValuePair "yggdrasil-udp2raw@${other}" (if opts ? "endpointHost" && (from == hostName || to == hostName) then { |
| 87 | path = with pkgs; [iptables]; | 87 | path = with pkgs; [iptables]; |
| 88 | serviceConfig = { | 88 | serviceConfig = { |
| 89 | RuntimeDirectory = ["config"]; | 89 | RuntimeDirectory = ["udp2raw-config-${other}"]; |
| 90 | RuntimeDirectoryMode = "0700"; | ||
| 90 | ExecStartPre = pkgs.writeShellScript "udp2raw-mkconfig-${other}.sh" '' | 91 | ExecStartPre = pkgs.writeShellScript "udp2raw-mkconfig-${other}.sh" '' |
| 92 | umask 0077 | ||
| 91 | secret=$(cat ${config.sops.secrets."yggdrasil-udp2raw-secret".path}) | 93 | secret=$(cat ${config.sops.secrets."yggdrasil-udp2raw-secret".path}) |
| 92 | cat >''${RUNTIME_DIRECTORY}/udp2raw.conf <<EOF | 94 | cat >''${RUNTIME_DIRECTORY}/udp2raw.conf <<EOF |
| 93 | ${if from == hostName then '' | 95 | ${if from == hostName then '' |