From 610bf85460c1371aa2af035054b7f9d641132388 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Sun, 17 Oct 2021 20:58:27 +0200
Subject: yggdrasil-wg: ...

---
 modules/yggdrasil-wg/default.nix | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

(limited to 'modules/yggdrasil-wg')

diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix
index 80443644..fbb38d26 100644
--- a/modules/yggdrasil-wg/default.nix
+++ b/modules/yggdrasil-wg/default.nix
@@ -68,9 +68,9 @@ let
   linkToGreDev = opts@{from, to, ...}:
     let
       other = if from == hostName then to else from;
-    in nameValuePair "yggdrasil-gre-${other}" {
+    in nameValuePair "yggre-${other}" {
       netdevConfig = {
-        Name = "yggdrasil-gre-${other}";
+        Name = "yggre-${other}";
         Kind = "ip6gretap";
         MTUBytes = toString 1280;
       };
@@ -85,15 +85,15 @@ let
       hexIx = let
         hexIx' = toHexString ix;
       in if (stringLength hexIx' < 2) then "0${hexIx'}" else hexIx';
-    in nameValuePair "yggdrasil-gre-${other}" {
+    in nameValuePair "yggre-${other}" {
       matchConfig = {
-        Name = "yggdrasil-gre-${other}";
+        Name = "yggre-${other}";
       };
       linkConfig = {
         MACAddress = "${greHostMACPrefixes.${hostName}}:${hexIx}";
       };
       networkConfig = {
-        Tunnel = "yggdrasil-gre-${other}";
+        Tunnel = "yggre-${other}";
         BatmanAdvanced = "yggdrasil";
       };
       linkConfig = {
@@ -223,6 +223,9 @@ in {
       "yggdrasil-wg.priv" = mkIf (pathExists privateKeyPath) {
         format = "binary";
         sopsFile = privateKeyPath;
+        mode = "0640";
+        owner = "root";
+        group = "systemd-network";
       };
       "yggdrasil-udp2raw-secret" = mkIf (any (opts@{to, from, ...}: opts ? "endpointHost" && opts ? "udp2raw") hostLinks) {
         format = "binary";
-- 
cgit v1.2.3