author | misuzu <bakalolka@gmail.com> | 2022-08-14 19:40:31 +0300 |
---|---|---|
committer | misuzu <bakalolka@gmail.com> | 2022-08-22 16:37:43 +0300 |
commit | 5fcdceb0b2edf283c4bd041e751a380b45bd2243 (patch) | |
tree | 246347072a7340509f878b846be2f793bdef84a1 /nixos/modules | |
parent | fea7af99d9a2fdc22023b7e79ab476c921a9b5cf (diff) |
nixos/netbird: init
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/networking/netbird.nix | 64 |
2 files changed, 65 insertions, 0 deletions
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 31a4107b3eeb4..e632a760f892b 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -861,6 +861,7 @@
 ./services/networking/nbd.nix
 ./services/networking/ndppd.nix
 ./services/networking/nebula.nix
+ ./services/networking/netbird.nix
 ./services/networking/networkmanager.nix
 ./services/networking/nextdns.nix
 ./services/networking/nftables.nix
diff --git a/nixos/modules/services/networking/netbird.nix b/nixos/modules/services/networking/netbird.nix
new file mode 100644
index 0000000000000..806b72d5f3a7c
--- /dev/null
+++ b/nixos/modules/services/networking/netbird.nix
@@ -0,0 +1,64 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.netbird;
+ kernel = config.boot.kernelPackages;
+ interfaceName = "wt0";
+in {
+ meta.maintainers = with maintainers; [ misuzu ];
+
+ options.services.netbird = {
+ enable = mkEnableOption "Netbird daemon";
+ package = mkOption {
+ type = types.package;
+ default = pkgs.netbird;
+ defaultText = literalExpression "pkgs.netbird";
+ description = "The package to use for netbird";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ boot.extraModulePackages = optional (versionOlder kernel.kernel.version "5.6") kernel.wireguard;
+
+ environment.systemPackages = [ cfg.package ];
+
+ networking.dhcpcd.denyInterfaces = [ interfaceName ];
+
+ systemd.network.networks."50-netbird" = mkIf config.networking.useNetworkd {
+ matchConfig = {
+ Name = interfaceName;
+ };
+ linkConfig = {
+ Unmanaged = true;
+ ActivationPolicy = "manual";
+ };
+ };
+
+ systemd.services.netbird = {
+ description = "A WireGuard-based mesh network that connects your devices into a single private network";
+ documentation = [ "https://netbird.io/docs/" ];
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ AmbientCapabilities = [ "CAP_NET_ADMIN" ];
+ DynamicUser = true;
+ Environment = [
+ "NB_CONFIG=/var/lib/netbird/config.json"
+ "NB_LOG_FILE=console"
+ ];
+ ExecStart = "${cfg.package}/bin/netbird service run";
+ Restart = "always";
+ RuntimeDirectory = "netbird";
+ StateDirectory = "netbird";
+ WorkingDirectory = "/var/lib/netbird";
+ };
+ unitConfig = {
+ StartLimitInterval = 5;
+ StartLimitBurst = 10;
+ };
+ stopIfChanged = false;
+ };
+ };
+}
 |
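Review bot: The `serviceConfig` block grants `AmbientCapabilities = [ "CAP_NET_ADMIN" ]` to a daemon that talks to remote peers, but nothing limits the unit beyond what `DynamicUser = true` already implies. I would add `CapabilityBoundingSet = [ "CAP_NET_ADMIN" ];` next to it so the grant is also the ceiling. Directives that DynamicUser does not set, such as `ProtectKernelModules = true;` and `RestrictNamespaces = true;`, are worth considering once it is confirmed that the daemon still brings up `wt0` with them. Separately, `Restart = "always"` with `StartLimitBurst = 10` inside a 5-second interval and no `RestartSec` means a fast crash loop can leave the unit failed and the tunnel down until someone notices. A comment explaining the chosen limits would help, and the NixOS-level `startLimitIntervalSec`/`startLimitBurst` options read more conventionally than raw `unitConfig` keys.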