-rw-r--r--maintainers/maintainer-list.nix6
-rw-r--r--nixos/modules/module-list.nix1
-rw-r--r--nixos/modules/services/networking/wg-netmanager.nix42
-rw-r--r--pkgs/tools/networking/wg-netmanager/default.nix30
-rw-r--r--pkgs/top-level/all-packages.nix4
5 files changed, 83 insertions, 0 deletions
diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix
index 4498db46d2866..40209049f7a3a 100644
--- a/maintainers/maintainer-list.nix
+++ b/maintainers/maintainer-list.nix
@@ -4396,6 +4396,12 @@
     githubId = 27668;
     name = "Tobias Pflug";
   };
+  gin66 = {
+    email = "jochen@kiemes.de";
+    github = "gin66";
+    githubId = 5549373;
+    name = "Jochen Kiemes";
+  };
   giogadi = {
     email = "lgtorres42@gmail.com";
     github = "giogadi";
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 28724d1e85d3e..cbc650249127f 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -914,6 +914,7 @@
   ./services/networking/vsftpd.nix
   ./services/networking/wasabibackend.nix
   ./services/networking/websockify.nix
+  ./services/networking/wg-netmanager.nix
   ./services/networking/wg-quick.nix
   ./services/networking/wireguard.nix
   ./services/networking/wpa_supplicant.nix
diff --git a/nixos/modules/services/networking/wg-netmanager.nix b/nixos/modules/services/networking/wg-netmanager.nix
new file mode 100644
index 0000000000000..493ff7ceba9f1
--- /dev/null
+++ b/nixos/modules/services/networking/wg-netmanager.nix
@@ -0,0 +1,42 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.services.wg-netmanager;
+in
+{
+
+  options = {
+    services.wg-netmanager = {
+      enable = mkEnableOption "Wireguard network manager";
+    };
+  };
+
+  ###### implementation
+  config = mkIf cfg.enable {
+    # NOTE: wg-netmanager runs as root
+    systemd.services.wg-netmanager = {
+      description = "Wireguard network manager";
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network.target" ];
+      path = with pkgs; [ wireguard-tools iproute2 wireguard-go ];
+      serviceConfig = {
+        Type = "simple";
+        Restart = "on-failure";
+        ExecStart = "${pkgs.wg-netmanager}/bin/wg_netmanager";
+        ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
+        ExecStop = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
+
+        ReadWritePaths = [
+          "/tmp"  # wg-netmanager creates files in /tmp before deleting them after use
+        ];
+      };
+      unitConfig =  {
+        ConditionPathExists = ["/etc/wg_netmanager/network.yaml" "/etc/wg_netmanager/peer.yaml"];
+      };
+    };
+  };
+
+  meta.maintainers = with maintainers; [ gin66 ];
+}
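Review bot: The unit runs as root (per the comment above `systemd.services.wg-netmanager`) with no sandboxing, and `ReadWritePaths = [ "/tmp" ]` has no effect on its own, because that directive only re-opens paths that `ProtectSystem=`, `ReadOnlyPaths=` or a similar setting has made read-only. A root daemon that creates short-lived files in the shared /tmp can also be interfered with by other local users if the file names are predictable, which cannot be verified from this hunk. Consider replacing the `ReadWritePaths` entry with `PrivateTmp = true;` and `ProtectSystem = "strict";`, then adding back only the write paths the daemon actually needs. Separately, `ExecStop` sends the same SIGHUP as `ExecReload`; if upstream treats HUP as a reload, dropping `ExecStop` lets systemd fall back to its default SIGTERM, which should be confirmed against upstream's signal handling.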
diff --git a/pkgs/tools/networking/wg-netmanager/default.nix b/pkgs/tools/networking/wg-netmanager/default.nix
new file mode 100644
index 0000000000000..1392934564ebb
--- /dev/null
+++ b/pkgs/tools/networking/wg-netmanager/default.nix
@@ -0,0 +1,30 @@
+{ lib, stdenv, fetchFromGitHub, rustPlatform, darwin, wireguard-go, Security }:
+
+rustPlatform.buildRustPackage rec {
+  pname = "wg-netmanager";
+  version = "0.4.1";
+
+  src = fetchFromGitHub {
+    owner = "gin66";
+    repo = "wg_netmanager";
+    rev = "wg_netmanager-v${version}";
+    sha256 = "AAtSSBz2zGLIEpcEMbe1mfYZikiaYEI+6KeSL5n54PE=";
+  };
+
+  cargoSha256 = "17k83QkQDq5uRCRADRLD2Q7pv7yES20lpms/N/UK+BM=";
+
+  buildInputs = lib.optional stdenv.isDarwin Security;
+
+  # Test 01 tries to create a wireguard interface, which requires sudo.
+  doCheck = true;
+  checkFlags = "--skip device";
+
+  meta = with lib; {
+    description = "Wireguard network manager";
+    longDescription = "Wireguard network manager, written in rust, simplifies the setup of wireguard nodes, identifies short connections between nodes residing in the same subnet, identifies unreachable aka dead nodes and maintains the routes between all nodes automatically. To achieve this, wireguard network manager needs to be running on each node.";
+    homepage = "https://github.com/gin66/wg_netmanager";
+    license = with licenses; [ mit asl20 bsd3 mpl20 ];
+    maintainers = with maintainers; [ gin66 ];
+    platforms = platforms.linux;
+  };
+}
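Review bot: The function header takes `darwin` and `wireguard-go`, but neither is used in the derivation, and `buildInputs = lib.optional stdenv.isDarwin Security` can never apply while `platforms = platforms.linux`. Either drop the unused arguments and the Darwin input, or widen `platforms` if Darwin is meant to be supported; the `inherit (darwin.apple_sdk.frameworks) Security;` in all-packages.nix would follow the same decision. The comment above `doCheck` would also read better directly on `checkFlags`, for example `# Skip the "device" tests: they create a wireguard interface, which needs root.`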
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 7c818f1b6e069..c806af25e8850 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -10937,6 +10937,10 @@ with pkgs;
 
   wg-friendly-peer-names = callPackage ../tools/networking/wg-friendly-peer-names { };
 
+  wg-netmanager = callPackage ../tools/networking/wg-netmanager {
+    inherit (darwin.apple_sdk.frameworks) Security;
+  };
+
   woff2 = callPackage ../development/web/woff2 { };
 
   woof = callPackage ../tools/misc/woof { };