Twins
/
server-configuration
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: plain wg0 no namespace blah

main
Louis Pearson 2024-01-09 23:48:05 -07:00
parent b0f61ff0dc
commit 40a83335f8
1 changed files with 12 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
configuration.nix
View File

@ -141,24 +141,19 @@
set -e set -e
# Create wireguard # Create wireguard
${iproute}/bin/ip link add wg0 type wireguard ${iproute}/bin/ip link add wg0 type wireguard
# Move to wg namespace
${iproute}/bin/ip link set wg0 netns wg
# Connect to vpn # Connect to vpn
${iproute}/bin/ip -n wg address add 10.65.64.220/32 dev wg0 ${iproute}/bin/ip address add 10.65.64.220/32 dev wg0
${iproute}/bin/ip -n wg -6 address add fc00:bbbb:bbbb:bb01::2:40db/128 dev wg0 ${iproute}/bin/ip -6 address add fc00:bbbb:bbbb:bb01::2:40db/128 dev wg0
${iproute}/bin/ip netns exec wg ${wireguard-tools}/bin/wg setconf wg0 /var/wireguard-keys/chief-frog.conf ${wireguard-tools}/bin/wg setconf wg0 /var/wireguard-keys/chief-frog.conf
# Bridge namespace to physical port
${iproute}/bin/ip link add macvlan1 link enp3s0 type macvlan mode bridge
${iproute}/bin/ip link set macvlan1 netns wg
# Open network # Open network
${iproute}/bin/ip -n wg link set wg0 up ${iproute}/bin/ip link set wg0 up
${iproute}/bin/ip -n wg route add default dev wg0 ${iproute}/bin/ip route add default dev wg0
${iproute}/bin/ip -n wg -6 route add default dev wg0 ${iproute}/bin/ip -6 route add default dev wg0
''; '';
ExecStop = with pkgs; writers.writeBash "wg-down" '' ExecStop = with pkgs; writers.writeBash "wg-down" ''
${iproute}/bin/ip -n wg route del default dev wg0 ${iproute}/bin/ip route del default dev wg0
${iproute}/bin/ip -n wg -6 route del default dev wg0 ${iproute}/bin/ip -6 route del default dev wg0
${iproute}/bin/ip -n wg link del wg0 ${iproute}/bin/ip link del wg0
''; '';
}; };
}; };
@ -171,9 +166,9 @@
bindsTo = [ "netns@wg.service" ]; bindsTo = [ "netns@wg.service" ];
requires = [ "network-online.target" ]; requires = [ "network-online.target" ];
after = [ "wg.service" ]; after = [ "wg.service" ];
serviceConfig = { # serviceConfig = {
NetworkNamespacePath = "/var/run/netns/wg"; # NetworkNamespacePath = "/var/run/netns/wg";
}; # };
}; };
services.kavita = { services.kavita = {