wireguard: make sure wg never blocks boot
This commit is contained in:
parent
54fc54285f
commit
08eb16fc93
|
@ -44,6 +44,8 @@ in {
|
||||||
config = mkIf (builtins.length cfg.ownIPs != 0) {
|
config = mkIf (builtins.length cfg.ownIPs != 0) {
|
||||||
networking.firewall.allowedUDPPorts = [51899];
|
networking.firewall.allowedUDPPorts = [51899];
|
||||||
|
|
||||||
|
systemd.network.wait-online.ignoredInterfaces = [ "wg-private" ];
|
||||||
|
|
||||||
systemd.services.wireguard-wg-private = {
|
systemd.services.wireguard-wg-private = {
|
||||||
wantedBy = [
|
wantedBy = [
|
||||||
"network.target"
|
"network.target"
|
||||||
|
|
|
@ -24,6 +24,8 @@ in {
|
||||||
config = mkIf (length cfg.ownIPs != 0){
|
config = mkIf (length cfg.ownIPs != 0){
|
||||||
networking.firewall.allowedUDPPorts = [51821];
|
networking.firewall.allowedUDPPorts = [51821];
|
||||||
|
|
||||||
|
systemd.network.wait-online.ignoredInterfaces = [ "wg-pub-solar" ];
|
||||||
|
|
||||||
systemd.services.wireguard-wg-pub-solar = {
|
systemd.services.wireguard-wg-pub-solar = {
|
||||||
after = [
|
after = [
|
||||||
"network.target"
|
"network.target"
|
||||||
|
|
|
@ -41,6 +41,12 @@ in {
|
||||||
config = mkIf (length cfg.ownIPs != 0){
|
config = mkIf (length cfg.ownIPs != 0){
|
||||||
networking.firewall.allowedUDPPorts = [51820];
|
networking.firewall.allowedUDPPorts = [51820];
|
||||||
|
|
||||||
|
systemd.network.wait-online.ignoredInterfaces = [ "wg-tunnel" ];
|
||||||
|
|
||||||
|
systemd.targets.wireguard-wg-tunnel = {
|
||||||
|
wantedBy = lib.mkForce [];
|
||||||
|
};
|
||||||
|
|
||||||
systemd.services.wireguard-wg-tunnel = {
|
systemd.services.wireguard-wg-tunnel = {
|
||||||
wants = [
|
wants = [
|
||||||
"wireguard-wg-private.service"
|
"wireguard-wg-private.service"
|
||||||
|
|
Loading…
Reference in a new issue