b12f/os
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

wireguard: make sure wg never blocks boot

Browse source
This commit is contained in:
Benjamin Yule Bädorf 2024-04-15 12:39:13 +02:00
parent 54fc54285f
commit 08eb16fc93
Signed by: b12f
GPG key ID: 729956E1124F8F26
3 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
modules/wireguard/private.nix
View file

@ -44,6 +44,8 @@ in {
config = mkIf (builtins.length cfg.ownIPs != 0) {
networking.firewall.allowedUDPPorts = [51899];
systemd.network.wait-online.ignoredInterfaces = [ "wg-private" ];
systemd.services.wireguard-wg-private = {
wantedBy = [
"network.target"

2
modules/wireguard/pub.solar.nix
View file

@ -24,6 +24,8 @@ in {
config = mkIf (length cfg.ownIPs != 0){
networking.firewall.allowedUDPPorts = [51821];
systemd.network.wait-online.ignoredInterfaces = [ "wg-pub-solar" ];
systemd.services.wireguard-wg-pub-solar = {
after = [
"network.target"

6
modules/wireguard/tunnel.nix
View file

@ -41,6 +41,12 @@ in {
config = mkIf (length cfg.ownIPs != 0){
networking.firewall.allowedUDPPorts = [51820];
systemd.network.wait-online.ignoredInterfaces = [ "wg-tunnel" ];
systemd.targets.wireguard-wg-tunnel = {
wantedBy = lib.mkForce [];
};
systemd.services.wireguard-wg-tunnel = {
wants = [
"wireguard-wg-private.service"