diff --git a/configuration.nix b/configuration.nix
index f3ec909..1303a9b 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -141,24 +141,19 @@
  set -e
  # Create wireguard
  ${iproute}/bin/ip link add wg0 type wireguard
- # Move to wg namespace
- ${iproute}/bin/ip link set wg0 netns wg
  # Connect to vpn
- ${iproute}/bin/ip -n wg address add 10.65.64.220/32 dev wg0
- ${iproute}/bin/ip -n wg -6 address add fc00:bbbb:bbbb:bb01::2:40db/128 dev wg0
- ${iproute}/bin/ip netns exec wg ${wireguard-tools}/bin/wg setconf wg0 /var/wireguard-keys/chief-frog.conf
- # Bridge namespace to physical port
- ${iproute}/bin/ip link add macvlan1 link enp3s0 type macvlan mode bridge
- ${iproute}/bin/ip link set macvlan1 netns wg
+ ${iproute}/bin/ip address add 10.65.64.220/32 dev wg0
+ ${iproute}/bin/ip -6 address add fc00:bbbb:bbbb:bb01::2:40db/128 dev wg0
+ ${wireguard-tools}/bin/wg setconf wg0 /var/wireguard-keys/chief-frog.conf
  # Open network
- ${iproute}/bin/ip -n wg link set wg0 up
- ${iproute}/bin/ip -n wg route add default dev wg0
- ${iproute}/bin/ip -n wg -6 route add default dev wg0
+ ${iproute}/bin/ip link set wg0 up
+ ${iproute}/bin/ip route add default dev wg0
+ ${iproute}/bin/ip -6 route add default dev wg0
  '';
  ExecStop = with pkgs; writers.writeBash "wg-down" ''
- ${iproute}/bin/ip -n wg route del default dev wg0
- ${iproute}/bin/ip -n wg -6 route del default dev wg0
- ${iproute}/bin/ip -n wg link del wg0
+ ${iproute}/bin/ip route del default dev wg0
+ ${iproute}/bin/ip -6 route del default dev wg0
+ ${iproute}/bin/ip link del wg0
  '';
  };
  };
@@ -171,9 +166,9 @@
  bindsTo = [ "netns@wg.service" ];
  requires = [ "network-online.target" ];
  after = [ "wg.service" ];
- serviceConfig = {
- NetworkNamespacePath = "/var/run/netns/wg";
- };
+ # serviceConfig = {
+ # NetworkNamespacePath = "/var/run/netns/wg";
+ # };
  };
 
  services.kavita = {
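Review bot: `ip route add default dev wg0` and its `-6` twin in ExecStart now run in the host namespace, so the tunnel's default route lands in the main routing table, where it can collide with the existing default route (`set -e` then aborts the script with wg0 left behind) or, if it takes effect, can capture the tunnel's own encrypted UDP packets. The removed `wg` namespace also made the tunnel fail-closed, whereas once ExecStop deletes wg0 here, traffic presumably falls back to the physical uplink outside the VPN. If the namespace has to go, I would keep the tunnel route out of the main table with a firewall mark and a dedicated table, as wg-quick does, and mirror the rule deletions in ExecStop; the table number 51820 below is only an example value. The ExecStart script begins above this hunk, so anything it sets up earlier is not visible to me.

```nix
# … unchanged: link add, address add, wg setconf …
# Mark the tunnel's own UDP packets so they bypass the tunnel route
${wireguard-tools}/bin/wg set wg0 fwmark 51820
${iproute}/bin/ip link set wg0 up
# Tunnel default route lives in its own table; the main table is left untouched
${iproute}/bin/ip route add default dev wg0 table 51820
${iproute}/bin/ip rule add not fwmark 51820 table 51820
${iproute}/bin/ip rule add table main suppress_prefixlength 0
${iproute}/bin/ip -6 route add default dev wg0 table 51820
${iproute}/bin/ip -6 rule add not fwmark 51820 table 51820
${iproute}/bin/ip -6 rule add table main suppress_prefixlength 0
```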
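Review bot: Commenting out `NetworkNamespacePath` moves this unit into the host network namespace while `bindsTo = [ "netns@wg.service" ]` still ties its lifetime to the namespace unit, so the dependency now describes an isolation the service no longer has. If the service is meant to reach the network only through the VPN, this is a loss of containment that calls for either a restored namespace or an explicit firewall rule; that intent is not visible from here, because the unit's opening line is above the hunk. Either way I would delete the three lines rather than keep them as comments and drop the `bindsTo` entry if the namespace is retired, or, if the block is only parked, say so with a comment such as `# TODO: restore NetworkNamespacePath once wg0 is back in the wg netns`.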