Passer wgautomesh en prod #9
1 changed files with 12 additions and 0 deletions
|
@ -264,6 +264,18 @@ in
|
|||
endpoint = endpoint;
|
||||
}) cfg.cluster_nodes;
|
||||
};
|
||||
# Old code for wg-quick, we can use this as a fallback if we fail to make wgautomesh work
|
||||
# systemd.services."wg-quick-wg0".after = [ "unbound.service" ];
|
||||
# networking.wg-quick.interfaces.wg0 = {
|
||||
# address = [ "${cfg.cluster_ip}/16" ];
|
||||
# listenPort = cfg.wireguard_port;
|
||||
# privateKeyFile = "/var/lib/deuxfleurs/wireguard-keys/private";
|
||||
# mtu = 1420;
|
||||
# peers = map ({ publicKey, endpoint, IP, site_name, lan_endpoint, ... }: {
|
||||
# inherit publicKey endpoint;
|
||||
# allowedIPs = [ "${IP}/32" ];
|
||||
# persistentKeepalive = 25;
|
||||
# };
|
||||
|
||||
system.activationScripts.generate_df_wg_key = ''
|
||||
if [ ! -f /var/lib/deuxfleurs/wireguard-keys/private ]; then
|
||||
|
|
Loading…
Reference in a new issue