Skip to content

Commit

Permalink
WIP
Browse files Browse the repository at this point in the history
  • Loading branch information
@Sereja313
Sereja313 committed Dec 5, 2024
1 parent 72d4460 commit ae25723
Show file tree
Hide file tree
Showing 3 changed files with 36 additions and 4 deletions.
19 changes: 18 additions & 1 deletion flake.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 5 additions & 1 deletion flake.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,10 @@
flake = false;
};
weeder-src.url = "github:ocharles/weeder";
wg-fake-src = {
url = "github:lastbyte32/wg-fake";
flake = false;
};
};

outputs = { self, nixpkgs, gitignore-nix, flake-utils, nix, deploy-rs, haskell-nix, ... }@inputs: let
Expand All @@ -43,7 +47,7 @@
darwinModules = {
common = import ./modules/common.nix;
serokell-users = import ./modules/serokell-users-darwin.nix;
wireguard-monitoring = import ./modules/wireguard-monitoring/darwin.nix;
wireguard-monitoring = (import ./modules/wireguard-monitoring/darwin.nix) {inherit inputs;};
};

nixosModules = {
Expand Down
15 changes: 13 additions & 2 deletions modules/wireguard-monitoring/darwin.nix
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,16 @@
{ config, pkgs, lib, ... }@args:
{inputs}:{ config, pkgs, lib, ... }@args:

let
wireguard-ip = config.wireguard-ip-address;
common = import ./common.nix args;

wg-fake = pkgs.buildGoModule {
pname = "wg-fake";
version = "0.0.1";
vendorHash = "sha256-ciBIR+a1oaYH+H1PcC8cD8ncfJczk1IiJ8iYNM+R6aA=";
src = inputs.wg-fake-src;
};

in {
inherit (common) options;

Expand All @@ -18,9 +26,12 @@ in {
#];

# enable wireguard
networking.wg-quick.interfaces.wg0 = {
networking.wg-quick.interfaces.wg0 = let
listenPort = 51820;
in {
inherit listenPort;
address = [ "${wireguard-ip}/16" ];
preUp = "${wg-fake}/wg-fake -s ${common.polisPeer.endpoint} -p ${listenPort}";

# (you have to generate it manually with `wg genkey > private_key`)
privateKeyFile = "/etc/wireguard/secret";
Expand Down

0 comments on commit ae25723

Please sign in to comment.