author | Lassulus <github@lassul.us> | 2023-05-16 22:29:17 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-05-16 22:29:17 +0200 |
commit | 52bbee772aa637603412839721074d5063b93cb1 (patch) | |
tree | 7bd2f62f966ad8594b439820260bca1501dff4c0 /nixos/modules/services | |
parent | e4e19894228217199f02fa536aecea0c2b47bd95 (diff) | |
parent | 50b845c5a64af3cb42c37f3d75c3758cc96e1729 (diff) |
Merge pull request #232019 from 4z3/master-wireguard
Diffstat (limited to 'nixos/modules/services')
-rw-r--r-- | nixos/modules/services/networking/wireguard.nix | 29 |
1 files changed, 19 insertions, 10 deletions
diff --git a/nixos/modules/services/networking/wireguard.nix b/nixos/modules/services/networking/wireguard.nix index 8b025228cc1ff..21473388d76e1 100644 --- a/nixos/modules/services/networking/wireguard.nix +++ b/nixos/modules/services/networking/wireguard.nix @@ -170,10 +170,22 @@ let # peer options - peerOpts = { + peerOpts = self: { options = { + name = mkOption { + default = + replaceStrings + [ "/" "-" " " "+" "=" ] + [ "-" "\\x2d" "\\x20" "\\x2b" "\\x3d" ] + self.config.publicKey; + defaultText = literalExpression "publicKey"; + example = "bernd"; + type = types.str; + description = lib.mdDoc "Name used to derive peer unit name."; + }; + publicKey = mkOption { example = "xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg="; type = types.singleLineStr; @@ -313,15 +325,11 @@ let ''; }; - peerUnitServiceName = interfaceName: publicKey: dynamicRefreshEnabled: + peerUnitServiceName = interfaceName: peerName: dynamicRefreshEnabled: let - keyToUnitName = replaceStrings - [ "/" "-" " " "+" "=" ] - [ "-" "\\x2d" "\\x20" "\\x2b" "\\x3d" ]; - unitName = keyToUnitName publicKey; refreshSuffix = optionalString dynamicRefreshEnabled "-refresh"; in - "wireguard-${interfaceName}-peer-${unitName}${refreshSuffix}"; + "wireguard-${interfaceName}-peer-${peerName}${refreshSuffix}"; generatePeerUnit = { interfaceName, interfaceCfg, peer }: let 
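Review bot: The new `name` option is typed `types.str`, so a user-set name reaches the systemd unit name unescaped; the old code always ran the key through the `replaceStrings` escaping, and now only the default is escaped. A name containing `/`, a space or any other character systemd does not accept in unit names would presumably produce a broken unit. Constraining the type, e.g. `type = types.strMatching "[A-Za-z0-9:_.\\\\-]+";`, still admits the escaped default and rejects everything else at evaluation time. The same concern covers the `peerName` interpolation in `peerUnitServiceName` in the next hunk. Separately, `defaultText = literalExpression "publicKey"` understates the default, which is the escaped key, and the description should say so.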
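Review bot: Two distinct peers on one interface that are given the same `name` now produce the same string from `peerUnitServiceName`; previously this could only happen for a repeated public key. How the generated units are merged is outside this hunk, but a collision would presumably leave one peer without its own unit and with no error. A per-interface assertion in the module's config, along the lines of `assertion = length (unique (map (p: p.name) peers)) == length peers;`, would turn that into an evaluation failure. A name that ends in `-refresh` can likewise collide with the `refreshSuffix` form of another peer's unit.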
@@ -337,10 +345,11 @@ let # We generate a different name (a `-refresh` suffix) when `dynamicEndpointRefreshSeconds` # to avoid that the same service switches `Type` (`oneshot` vs `simple`), # with the intent to make scripting more obvious. - serviceName = peerUnitServiceName interfaceName peer.publicKey dynamicRefreshEnabled; + serviceName = peerUnitServiceName interfaceName peer.name dynamicRefreshEnabled; in nameValuePair serviceName { - description = "WireGuard Peer - ${interfaceName} - ${peer.publicKey}"; + description = "WireGuard Peer - ${interfaceName} - ${peer.name}" + + optionalString (peer.name != peer.publicKey) " (${peer.publicKey})"; requires = [ "wireguard-${interfaceName}.service" ]; wants = [ "network-online.target" ]; after = [ "wireguard-${interfaceName}.service" "network-online.target" ]; @@ -418,7 +427,7 @@ let # the target is required to start new peer units when they are added generateInterfaceTarget = name: values: let - mkPeerUnit = peer: (peerUnitServiceName name peer.publicKey (peer.dynamicEndpointRefreshSeconds != 0)) + ".service"; + mkPeerUnit = peer: (peerUnitServiceName name peer.name (peer.dynamicEndpointRefreshSeconds != 0)) + ".service"; in nameValuePair "wireguard-${name}" rec { |
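Review bot: The `peer.name != peer.publicKey` test in the new `description` compares the raw key with a default that has already been escaped. For a key like the option's own example, which ends in `=`, the two always differ, so the key is appended even when no name was set. Comparing against the escaped form avoids that: keep `keyToUnitName` as a shared binding and write `+ optionalString (peer.name != keyToUnitName peer.publicKey) " (${peer.publicKey})";`. The enclosing `generatePeerUnit` continues outside the hunk.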