daniel/dotfiles
1
0
Fork 0
Code Activity Actions

wg: fix

Browse source
This commit is contained in:
Daniel Kempkens 2024-11-02 21:10:10 +01:00
parent 02416f7d12
commit 7f9245ed94
Signed by: daniel
SSH key fingerprint: SHA256:Ks/MyhQYcPRQiwMKLAKquWCdCPe3JXlb1WttgnAoSeM
1 changed files with 22 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
system/nixos/wireguard-netns.nix
View file

@ -34,8 +34,8 @@
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${pkgs.iproute}/bin/ip netns add %I";
ExecStop = "${pkgs.iproute}/bin/ip netns del %I";
ExecStart = "${pkgs.iproute2}/bin/ip netns add %I";
ExecStop = "${pkgs.iproute2}/bin/ip netns del %I";
};
};
@ -56,35 +56,35 @@
ExecStart = with pkgs; writers.writeBash "wg-up" ''
set -e
echo "Setting lo to up ..."
${iproute}/bin/ip -n wg link set lo up
${iproute2}/bin/ip -n wg link set lo up
echo "Creating veth network ..."
${iproute}/bin/ip link add name vethwghost0 type veth peer vethwgns0 netns wg
${iproute}/bin/ip address add 192.168.42.1/24 dev vethwghost0
${iproute}/bin/ip -n wg address add 192.168.42.2/24 dev vethwgns0
${iproute}/bin/ip link set vethwghost0 up
${iproute}/bin/ip -n wg link set vethwgns0 up
${iproute2}/bin/ip link add name vethwghost0 type veth peer vethwgns0 netns wg
${iproute2}/bin/ip address add 192.168.42.1/24 dev vethwghost0
${iproute2}/bin/ip -n wg address add 192.168.42.2/24 dev vethwgns0
${iproute2}/bin/ip link set vethwghost0 up
${iproute2}/bin/ip -n wg link set vethwgns0 up
echo "Creating wg0 interface ..."
${iproute}/bin/ip link add wg0 type wireguard
${iproute2}/bin/ip link add wg0 type wireguard
${wireguard-tools}/bin/wg setconf wg0 ${config.age.secrets.wireguard-config.path}
${iproute}/bin/ip link set wg0 netns wg
${iproute}/bin/ip -n wg address add ${secret.wireguard.ipv4} dev wg0
${iproute}/bin/ip -n wg -6 address add ${secret.wireguard.ipv6} dev wg0
${iproute}/bin/ip -n wg link set wg0 mtu 1320
${iproute}/bin/ip -n wg link set wg0 up
${iproute}/bin/ip -n wg route add default dev wg0
${iproute}/bin/ip -n wg -6 route add default dev wg0
${iproute2}/bin/ip link set wg0 netns wg
${iproute2}/bin/ip -n wg address add ${secret.wireguard.ipv4} dev wg0
${iproute2}/bin/ip -n wg -6 address add ${secret.wireguard.ipv6} dev wg0
${iproute2}/bin/ip -n wg link set wg0 mtu 1320
${iproute2}/bin/ip -n wg link set wg0 up
${iproute2}/bin/ip -n wg route add default dev wg0
${iproute2}/bin/ip -n wg -6 route add default dev wg0
echo "Done!"
'';
ExecStop = with pkgs; writers.writeBash "wg-down" ''
echo "Tearing down wg0 ..."
${iproute}/bin/ip -n wg route del default dev wg0
${iproute}/bin/ip -n wg -6 route del default dev wg0
${iproute}/bin/ip -n wg link del wg0
${iproute2}/bin/ip -n wg route del default dev wg0
${iproute2}/bin/ip -n wg -6 route del default dev wg0
${iproute2}/bin/ip -n wg link del wg0
echo "Tearing down veth network ..."
${iproute}/bin/ip link del vethwghost0
${iproute}/bin/ip -n wg link del vethwgns0
${iproute2}/bin/ip link del vethwghost0
${iproute2}/bin/ip -n wg link del vethwgns0
echo "Setting lo to down ..."
${iproute}/bin/ip -n wg link set lo down
${iproute2}/bin/ip -n wg link set lo down
echo "Done!"
'';
};