From b9f006399319d5df8ca9c59f2060eb96f36f6fc0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Benjamin=20Yule=20B=C3=A4dorf?=
Date: Wed, 27 Mar 2024 15:22:46 +0100
Subject: [PATCH] wireguard: let tunnel wait for private network

---
 modules/wireguard/private.nix | 5 ++---
 modules/wireguard/tunnel.nix | 22 ++++++++++++++++++++--
 2 files changed, 22 insertions(+), 5 deletions(-)

diff --git a/modules/wireguard/private.nix b/modules/wireguard/private.nix
index f71d645..796dabb 100644
--- a/modules/wireguard/private.nix
+++ b/modules/wireguard/private.nix
@@ -45,7 +45,7 @@ in {
 networking.firewall.allowedUDPPorts = [51899];

 systemd.services.wireguard-wg-private = {
- after = [
+ wantedBy = [
 "network.target"
 "network-online.target"
 "nss-lookup.target"
@@ -54,7 +54,7 @@ in {
 serviceConfig = {
 Type = mkForce "simple";
 Restart = "on-failure";
- RestartSec = "30";
+ RestartSec = "10";
 };

 environment = {
@@ -98,7 +98,6 @@ in {
 "::/0"
 ] else []);
 endpoint = "vpn.b12f.io:51899";
- persistentKeepalive = 30;
 dynamicEndpointRefreshSeconds = 30;
 }
 ];
diff --git a/modules/wireguard/tunnel.nix b/modules/wireguard/tunnel.nix
index 3ecc838..1a20ef1 100644
--- a/modules/wireguard/tunnel.nix
+++ b/modules/wireguard/tunnel.nix
@@ -41,8 +41,26 @@ in {
 config = mkIf (length cfg.ownIPs != 0){
 networking.firewall.allowedUDPPorts = [51820];

- systemd.services.wireguard-wg-tunnel = mkIf (length config.pub-solar.wireguard.private.ownIPs != 0) {
- after = [ "wireguard-wg-private.service" ];
+ systemd.services.wireguard-wg-tunnel = {
+ after = [
+ "network.target"
+ "network-online.target"
+ "nss-lookup.target"
+ ];
+
+ wants = [
+ "wireguard-wg-private.service"
+ ];
+
+ preStart = ''
+ while true; do
+ if ${pkgs.netcat}/bin/nc -w 5 -z 10.13.12.7 22 2>/dev/null; then
+ exit 0;
+ else
+ sleep 1;
+ fi
+ done;
+ '';

 serviceConfig = {
 Type = mkForce "simple";
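Review bot: Replacing `after` with `wantedBy` on `systemd.services.wireguard-wg-private` (first hunk of private.nix) removes the ordering on `network-online.target` and `nss-lookup.target`, so the unit can start before name resolution is usable even though the peer endpoint later in the file is a hostname (`vpn.b12f.io:51899`). `wantedBy` only makes those targets pull the unit in; it does not order the unit after them. If the aim is to have the unit started together with the network, keep the ordering next to it, e.g. `after = [ "network-online.target" "nss-lookup.target" ];`. The list continues outside the hunk, so any further entries there need the same check.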
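Review bot: The `preStart` loop in `systemd.services.wireguard-wg-tunnel` has no upper bound and never exits non-zero, so when 10.13.12.7:22 is unreachable the unit stays in its start phase instead of failing with a message in the journal. The commit also drops the `mkIf (length config.pub-solar.wireguard.private.ownIPs != 0)` condition, so the probe and the `wants` on `wireguard-wg-private.service` now apply on hosts where the private network may not be configured at all; guarding both with that condition would keep the old behaviour there. The probe also ties tunnel start-up to SSH on one hard-coded peer and only shows that something answers at that address, not that the path runs over wg-private, so checking the interface or handshake state would be a tighter readiness signal. A bounded wait that fails visibly is sketched below; the attempt count should stay under the unit's start timeout, and `serviceConfig` continues outside the hunk.

```nix
preStart = ''
  # Bounded wait so an unreachable peer surfaces as a unit failure in the journal.
  attempts=0
  while [ "$attempts" -lt 10 ]; do
    if ${pkgs.netcat}/bin/nc -w 5 -z 10.13.12.7 22 2>/dev/null; then
      exit 0
    fi
    attempts=$((attempts + 1))
    sleep 1
  done
  echo "wireguard-wg-tunnel: 10.13.12.7:22 not reachable, giving up" >&2
  exit 1
'';
# … unchanged: serviceConfig …
```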