ellmau/nixos
1
0
Fork 0
mirror of https://github.com/ellmau/nixos.git synced 2025-12-19 09:29:36 +01:00
Code Issues Projects Releases Wiki Activity

Fix dns entries on client side (wireguard)

Browse Source
This commit is contained in:
Stefan Ellmauthaler 2022-08-02 14:21:11 +02:00
parent 9b19f4d28f
commit cc5f228d8a
Failed to extract signature
3 changed files with 15 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
machines/stel-xps/default.nix
View File

@ -36,7 +36,7 @@
}; };
# enable wireguard # enable wireguard
wireguard.enable = false; wireguard.enable = true;
# user setup # user setup
users = { users = {

13
modules/base.nix
View File

@ -1,6 +1,15 @@
{ config, lib, pkgs, ...} : { config, lib, pkgs, ... }:
with lib; { with lib; {
options.elss.base.enable = mkEnableOption "Set the base configuration for the system"; options.elss = {
base.enable = mkEnableOption "Set the base configuration for the system";
dns = {
wgZone = mkOption {
type = types.str;
description = "Zone for generated wireguard zones";
default = "wg.ellmauthaler.net";
};
};
};
config = mkIf config.elss.base.enable { config = mkIf config.elss.base.enable {
services = { services = {
dbus = { dbus = {

4
modules/wireguard.nix
View File

@ -147,6 +147,7 @@
serverIps = name: server: mkServerAddresses prefixes server.localIp; serverIps = name: server: mkServerAddresses prefixes server.localIp;
dnsServers = lib.concatLists (lib.mapAttrsToList serverIps servers); dnsServers = lib.concatLists (lib.mapAttrsToList serverIps servers);
in in
lib.concatStrings ([ lib.concatStrings ([
'' ''
${pkgs.systemd}/bin/resolvectl domain ${ifName} ${name}.${config.elss.dns.wgZone} ${pkgs.systemd}/bin/resolvectl domain ${ifName} ${name}.${config.elss.dns.wgZone}
@ -179,7 +180,7 @@
peers = lib.mapAttrsToList (_: mkServerPeer value.prefixes) value.peers; peers = lib.mapAttrsToList (_: mkServerPeer value.prefixes) value.peers;
} else if isPeer then { } else if isPeer then {
peers = lib.mapAttrsToList (_: mkPeerPeer value.prefixes value.peers) value.servers; peers = lib.mapAttrsToList (_: mkPeerPeer value.prefixes value.peers) value.servers;
# postSetup = mkPostSetup interface value.prefixes value.servers; postSetup = mkPostSetup interface value.prefixes value.servers;
} else } else
{ })); { }));
@ -234,6 +235,7 @@
}; };
services.unbound.settings.server.interface = map mkInterfaceName serverInterfaces; services.unbound.settings.server.interface = map mkInterfaceName serverInterfaces;
services.resolved.enable = lib.mkDefault true;
systemd.services = lib.listToAttrs (map systemd.services = lib.listToAttrs (map
(interface: { (interface: {
name = "wireguard-${mkInterfaceName interface}"; name = "wireguard-${mkInterfaceName interface}";