fix: plain wg0 no namespace blah
parent
b0f61ff0dc
commit
40a83335f8
|
@ -141,24 +141,19 @@
|
|||
set -e
|
||||
# Create wireguard
|
||||
${iproute}/bin/ip link add wg0 type wireguard
|
||||
# Move to wg namespace
|
||||
${iproute}/bin/ip link set wg0 netns wg
|
||||
# Connect to vpn
|
||||
${iproute}/bin/ip -n wg address add 10.65.64.220/32 dev wg0
|
||||
${iproute}/bin/ip -n wg -6 address add fc00:bbbb:bbbb:bb01::2:40db/128 dev wg0
|
||||
${iproute}/bin/ip netns exec wg ${wireguard-tools}/bin/wg setconf wg0 /var/wireguard-keys/chief-frog.conf
|
||||
# Bridge namespace to physical port
|
||||
${iproute}/bin/ip link add macvlan1 link enp3s0 type macvlan mode bridge
|
||||
${iproute}/bin/ip link set macvlan1 netns wg
|
||||
${iproute}/bin/ip address add 10.65.64.220/32 dev wg0
|
||||
${iproute}/bin/ip -6 address add fc00:bbbb:bbbb:bb01::2:40db/128 dev wg0
|
||||
${wireguard-tools}/bin/wg setconf wg0 /var/wireguard-keys/chief-frog.conf
|
||||
# Open network
|
||||
${iproute}/bin/ip -n wg link set wg0 up
|
||||
${iproute}/bin/ip -n wg route add default dev wg0
|
||||
${iproute}/bin/ip -n wg -6 route add default dev wg0
|
||||
${iproute}/bin/ip link set wg0 up
|
||||
${iproute}/bin/ip route add default dev wg0
|
||||
${iproute}/bin/ip -6 route add default dev wg0
|
||||
'';
|
||||
ExecStop = with pkgs; writers.writeBash "wg-down" ''
|
||||
${iproute}/bin/ip -n wg route del default dev wg0
|
||||
${iproute}/bin/ip -n wg -6 route del default dev wg0
|
||||
${iproute}/bin/ip -n wg link del wg0
|
||||
${iproute}/bin/ip route del default dev wg0
|
||||
${iproute}/bin/ip -6 route del default dev wg0
|
||||
${iproute}/bin/ip link del wg0
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
@ -171,9 +166,9 @@
|
|||
bindsTo = [ "netns@wg.service" ];
|
||||
requires = [ "network-online.target" ];
|
||||
after = [ "wg.service" ];
|
||||
serviceConfig = {
|
||||
NetworkNamespacePath = "/var/run/netns/wg";
|
||||
};
|
||||
# serviceConfig = {
|
||||
# NetworkNamespacePath = "/var/run/netns/wg";
|
||||
# };
|
||||
};
|
||||
|
||||
services.kavita = {
|
||||
|
|
Loading…
Reference in New Issue