sourcephile / git / sourcephile-nix.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
losurdo: openvpn: riseup: update remotes
[sourcephile-nix.git] / hosts / losurdo / wireguard / wg-extra.nix
diff --git a/hosts/losurdo/wireguard/wg-extra.nix b/hosts/losurdo/wireguard/wg-extra.nix
index 8a82b74d5e2bfc2c9bbf5d91304378d535ad79fa..41578f5201fdadbd6c80c2fcbf0df126c7932b3c 100644 (file)
--- a/hosts/losurdo/wireguard/wg-extra.nix
+++ b/hosts/losurdo/wireguard/wg-extra.nix
@@ -32,8 +32,10 @@ in
     }
   '';
   #boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
-  systemd.services."wireguard-${wgIface}".serviceConfig.LoadCredentialEncrypted =
-    [ "privateKey:${inputs.self}/hosts/${hostName}/wireguard/${wgIface}/privateKey.cred" ];
+  systemd.services."wireguard-${wgIface}".serviceConfig.LoadCredentialEncrypted = [
+    "privateKey:${./. + "/${wgIface}/privateKey.cred"}"
+  ];
+  networking.networkmanager.unmanaged = [ wgIface ];
   networking.wireguard.interfaces.${wgIface} = {
     # publicKey: 1Iyq96rPHfyrt4B31NqKLgWzlglkMAWjA41aF279gjM=
     privateKeyFile = "$CREDENTIALS_DIRECTORY/privateKey";
@@ -43,7 +45,7 @@ in
     /*
       interfaceNamespace = "extra";
       preSetup = ''
-      ${pkgs.iproute}/bin/ip netns add extra
+      ${pkgs.iproute2}/bin/ip netns add extra
       '';
     */
     peers = [
NixOS configurations for Sourcephile's infrastructure