Compare commits
No commits in common. "0166fc858b5fb37510ef547166263ea74b94fbde" and "02416f7d12ea24107b0d836636406ec4652318e9" have entirely different histories.
0166fc858b
...
02416f7d12
2 changed files with 29 additions and 29 deletions
14
flake.lock
14
flake.lock
|
|
@ -296,11 +296,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1730633670,
|
"lastModified": 1730490306,
|
||||||
"narHash": "sha256-ZFJqIXpvVKvzOVFKWNRDyIyAo+GYdmEPaYi1bZB6uf0=",
|
"narHash": "sha256-AvCVDswOUM9D368HxYD25RsSKp+5o0L0/JHADjLoD38=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661",
|
"rev": "1743615b61c7285976f85b303a36cdf88a556503",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -337,7 +337,7 @@
|
||||||
"narHash": "sha256-6U0CyPycIBc04hbYy2hBINnVso58n/ZyywY2BD3hu+s=",
|
"narHash": "sha256-6U0CyPycIBc04hbYy2hBINnVso58n/ZyywY2BD3hu+s=",
|
||||||
"rev": "9098ac95768f7006d7e070b88bae76939f6034e6",
|
"rev": "9098ac95768f7006d7e070b88bae76939f6034e6",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/9098ac95768f7006d7e070b88bae76939f6034e6.tar.gz?rev=9098ac95768f7006d7e070b88bae76939f6034e6"
|
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/9098ac95768f7006d7e070b88bae76939f6034e6.tar.gz"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
|
|
@ -493,11 +493,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1730599252,
|
"lastModified": 1730555274,
|
||||||
"narHash": "sha256-gCkK9sTqEKYRM5db5nPydip//4mQfiW3GTEw874bYps=",
|
"narHash": "sha256-dYSnUmWkVwwEpXv0F/fZBBYT10Bgx+U2PJ2obdBTqo8=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "3ce0ea52a0a71ac04f4ce0a2c8a629e02a4e6279",
|
"rev": "cf3e5d3744dc26c3498aa5dadfa0e078c632cede",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
||||||
|
|
@ -34,8 +34,8 @@
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
RemainAfterExit = true;
|
RemainAfterExit = true;
|
||||||
ExecStart = "${pkgs.iproute2}/bin/ip netns add %I";
|
ExecStart = "${pkgs.iproute}/bin/ip netns add %I";
|
||||||
ExecStop = "${pkgs.iproute2}/bin/ip netns del %I";
|
ExecStop = "${pkgs.iproute}/bin/ip netns del %I";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
@ -56,35 +56,35 @@
|
||||||
ExecStart = with pkgs; writers.writeBash "wg-up" ''
|
ExecStart = with pkgs; writers.writeBash "wg-up" ''
|
||||||
set -e
|
set -e
|
||||||
echo "Setting lo to up ..."
|
echo "Setting lo to up ..."
|
||||||
${iproute2}/bin/ip -n wg link set lo up
|
${iproute}/bin/ip -n wg link set lo up
|
||||||
echo "Creating veth network ..."
|
echo "Creating veth network ..."
|
||||||
${iproute2}/bin/ip link add name vethwghost0 type veth peer vethwgns0 netns wg
|
${iproute}/bin/ip link add name vethwghost0 type veth peer vethwgns0 netns wg
|
||||||
${iproute2}/bin/ip address add 192.168.42.1/24 dev vethwghost0
|
${iproute}/bin/ip address add 192.168.42.1/24 dev vethwghost0
|
||||||
${iproute2}/bin/ip -n wg address add 192.168.42.2/24 dev vethwgns0
|
${iproute}/bin/ip -n wg address add 192.168.42.2/24 dev vethwgns0
|
||||||
${iproute2}/bin/ip link set vethwghost0 up
|
${iproute}/bin/ip link set vethwghost0 up
|
||||||
${iproute2}/bin/ip -n wg link set vethwgns0 up
|
${iproute}/bin/ip -n wg link set vethwgns0 up
|
||||||
echo "Creating wg0 interface ..."
|
echo "Creating wg0 interface ..."
|
||||||
${iproute2}/bin/ip link add wg0 type wireguard
|
${iproute}/bin/ip link add wg0 type wireguard
|
||||||
${wireguard-tools}/bin/wg setconf wg0 ${config.age.secrets.wireguard-config.path}
|
${wireguard-tools}/bin/wg setconf wg0 ${config.age.secrets.wireguard-config.path}
|
||||||
${iproute2}/bin/ip link set wg0 netns wg
|
${iproute}/bin/ip link set wg0 netns wg
|
||||||
${iproute2}/bin/ip -n wg address add ${secret.wireguard.ipv4} dev wg0
|
${iproute}/bin/ip -n wg address add ${secret.wireguard.ipv4} dev wg0
|
||||||
${iproute2}/bin/ip -n wg -6 address add ${secret.wireguard.ipv6} dev wg0
|
${iproute}/bin/ip -n wg -6 address add ${secret.wireguard.ipv6} dev wg0
|
||||||
${iproute2}/bin/ip -n wg link set wg0 mtu 1320
|
${iproute}/bin/ip -n wg link set wg0 mtu 1320
|
||||||
${iproute2}/bin/ip -n wg link set wg0 up
|
${iproute}/bin/ip -n wg link set wg0 up
|
||||||
${iproute2}/bin/ip -n wg route add default dev wg0
|
${iproute}/bin/ip -n wg route add default dev wg0
|
||||||
${iproute2}/bin/ip -n wg -6 route add default dev wg0
|
${iproute}/bin/ip -n wg -6 route add default dev wg0
|
||||||
echo "Done!"
|
echo "Done!"
|
||||||
'';
|
'';
|
||||||
ExecStop = with pkgs; writers.writeBash "wg-down" ''
|
ExecStop = with pkgs; writers.writeBash "wg-down" ''
|
||||||
echo "Tearing down wg0 ..."
|
echo "Tearing down wg0 ..."
|
||||||
${iproute2}/bin/ip -n wg route del default dev wg0
|
${iproute}/bin/ip -n wg route del default dev wg0
|
||||||
${iproute2}/bin/ip -n wg -6 route del default dev wg0
|
${iproute}/bin/ip -n wg -6 route del default dev wg0
|
||||||
${iproute2}/bin/ip -n wg link del wg0
|
${iproute}/bin/ip -n wg link del wg0
|
||||||
echo "Tearing down veth network ..."
|
echo "Tearing down veth network ..."
|
||||||
${iproute2}/bin/ip link del vethwghost0
|
${iproute}/bin/ip link del vethwghost0
|
||||||
${iproute2}/bin/ip -n wg link del vethwgns0
|
${iproute}/bin/ip -n wg link del vethwgns0
|
||||||
echo "Setting lo to down ..."
|
echo "Setting lo to down ..."
|
||||||
${iproute2}/bin/ip -n wg link set lo down
|
${iproute}/bin/ip -n wg link set lo down
|
||||||
echo "Done!"
|
echo "Done!"
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue