diff options
Diffstat (limited to 'modules/yggdrasil-wg/default.nix')
-rw-r--r-- | modules/yggdrasil-wg/default.nix | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix index 80443644..fbb38d26 100644 --- a/modules/yggdrasil-wg/default.nix +++ b/modules/yggdrasil-wg/default.nix | |||
@@ -68,9 +68,9 @@ let | |||
68 | linkToGreDev = opts@{from, to, ...}: | 68 | linkToGreDev = opts@{from, to, ...}: |
69 | let | 69 | let |
70 | other = if from == hostName then to else from; | 70 | other = if from == hostName then to else from; |
71 | in nameValuePair "yggdrasil-gre-${other}" { | 71 | in nameValuePair "yggre-${other}" { |
72 | netdevConfig = { | 72 | netdevConfig = { |
73 | Name = "yggdrasil-gre-${other}"; | 73 | Name = "yggre-${other}"; |
74 | Kind = "ip6gretap"; | 74 | Kind = "ip6gretap"; |
75 | MTUBytes = toString 1280; | 75 | MTUBytes = toString 1280; |
76 | }; | 76 | }; |
@@ -85,15 +85,15 @@ let | |||
85 | hexIx = let | 85 | hexIx = let |
86 | hexIx' = toHexString ix; | 86 | hexIx' = toHexString ix; |
87 | in if (stringLength hexIx' < 2) then "0${hexIx'}" else hexIx'; | 87 | in if (stringLength hexIx' < 2) then "0${hexIx'}" else hexIx'; |
88 | in nameValuePair "yggdrasil-gre-${other}" { | 88 | in nameValuePair "yggre-${other}" { |
89 | matchConfig = { | 89 | matchConfig = { |
90 | Name = "yggdrasil-gre-${other}"; | 90 | Name = "yggre-${other}"; |
91 | }; | 91 | }; |
92 | linkConfig = { | 92 | linkConfig = { |
93 | MACAddress = "${greHostMACPrefixes.${hostName}}:${hexIx}"; | 93 | MACAddress = "${greHostMACPrefixes.${hostName}}:${hexIx}"; |
94 | }; | 94 | }; |
95 | networkConfig = { | 95 | networkConfig = { |
96 | Tunnel = "yggdrasil-gre-${other}"; | 96 | Tunnel = "yggre-${other}"; |
97 | BatmanAdvanced = "yggdrasil"; | 97 | BatmanAdvanced = "yggdrasil"; |
98 | }; | 98 | }; |
99 | linkConfig = { | 99 | linkConfig = { |
@@ -223,6 +223,9 @@ in { | |||
223 | "yggdrasil-wg.priv" = mkIf (pathExists privateKeyPath) { | 223 | "yggdrasil-wg.priv" = mkIf (pathExists privateKeyPath) { |
224 | format = "binary"; | 224 | format = "binary"; |
225 | sopsFile = privateKeyPath; | 225 | sopsFile = privateKeyPath; |
226 | mode = "0640"; | ||
227 | owner = "root"; | ||
228 | group = "systemd-network"; | ||
226 | }; | 229 | }; |
227 | "yggdrasil-udp2raw-secret" = mkIf (any (opts@{to, from, ...}: opts ? "endpointHost" && opts ? "udp2raw") hostLinks) { | 230 | "yggdrasil-udp2raw-secret" = mkIf (any (opts@{to, from, ...}: opts ? "endpointHost" && opts ? "udp2raw") hostLinks) { |
228 | format = "binary"; | 231 | format = "binary"; |