dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #232019 from 4z3/master-wireguard

Browse Source
This commit is contained in:
Lassulus 2023-05-16 22:29:17 +02:00 committed by GitHub
commit 52bbee772a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 19 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
nixos/modules/services/networking/wireguard.nix
View File

@ -170,10 +170,22 @@ let
# peer options # peer options
peerOpts = { peerOpts = self: {
options = { options = {
name = mkOption {
default =
replaceStrings
[ "/" "-" " " "+" "=" ]
[ "-" "\\x2d" "\\x20" "\\x2b" "\\x3d" ]
self.config.publicKey;
defaultText = literalExpression "publicKey";
example = "bernd";
type = types.str;
description = lib.mdDoc "Name used to derive peer unit name.";
};
publicKey = mkOption { publicKey = mkOption {
example = "xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg="; example = "xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=";
type = types.singleLineStr; type = types.singleLineStr;
@ -313,15 +325,11 @@ let
''; '';
}; };
peerUnitServiceName = interfaceName: publicKey: dynamicRefreshEnabled: peerUnitServiceName = interfaceName: peerName: dynamicRefreshEnabled:
let let
keyToUnitName = replaceStrings
[ "/" "-" " " "+" "=" ]
[ "-" "\\x2d" "\\x20" "\\x2b" "\\x3d" ];
unitName = keyToUnitName publicKey;
refreshSuffix = optionalString dynamicRefreshEnabled "-refresh"; refreshSuffix = optionalString dynamicRefreshEnabled "-refresh";
in in
"wireguard-${interfaceName}-peer-${unitName}${refreshSuffix}"; "wireguard-${interfaceName}-peer-${peerName}${refreshSuffix}";
generatePeerUnit = { interfaceName, interfaceCfg, peer }: generatePeerUnit = { interfaceName, interfaceCfg, peer }:
let let
@ -337,10 +345,11 @@ let
# We generate a different name (a `-refresh` suffix) when `dynamicEndpointRefreshSeconds` # We generate a different name (a `-refresh` suffix) when `dynamicEndpointRefreshSeconds`
# to avoid that the same service switches `Type` (`oneshot` vs `simple`), # to avoid that the same service switches `Type` (`oneshot` vs `simple`),
# with the intent to make scripting more obvious. # with the intent to make scripting more obvious.
serviceName = peerUnitServiceName interfaceName peer.publicKey dynamicRefreshEnabled; serviceName = peerUnitServiceName interfaceName peer.name dynamicRefreshEnabled;
in nameValuePair serviceName in nameValuePair serviceName
{ {
description = "WireGuard Peer - ${interfaceName} - ${peer.publicKey}"; description = "WireGuard Peer - ${interfaceName} - ${peer.name}"
+ optionalString (peer.name != peer.publicKey) " (${peer.publicKey})";
requires = [ "wireguard-${interfaceName}.service" ]; requires = [ "wireguard-${interfaceName}.service" ];
wants = [ "network-online.target" ]; wants = [ "network-online.target" ];
after = [ "wireguard-${interfaceName}.service" "network-online.target" ]; after = [ "wireguard-${interfaceName}.service" "network-online.target" ];
@ -418,7 +427,7 @@ let
# the target is required to start new peer units when they are added # the target is required to start new peer units when they are added
generateInterfaceTarget = name: values: generateInterfaceTarget = name: values:
let let
mkPeerUnit = peer: (peerUnitServiceName name peer.publicKey (peer.dynamicEndpointRefreshSeconds != 0)) + ".service"; mkPeerUnit = peer: (peerUnitServiceName name peer.name (peer.dynamicEndpointRefreshSeconds != 0)) + ".service";
in in
nameValuePair "wireguard-${name}" nameValuePair "wireguard-${name}"
rec { rec {