mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-23 06:01:15 +00:00
wireguard: preshared-key is now an attribute of the peer
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
parent
00712bf472
commit
6e50243d98
|
@ -27,18 +27,6 @@ let
|
|||
description = "Base64 private key generated by wg genkey.";
|
||||
};
|
||||
|
||||
presharedKey = mkOption {
|
||||
default = null;
|
||||
example = "rVXs/Ni9tu3oDBLS4hOyAUAa1qTWVA3loR8eL20os3I=";
|
||||
type = with types; nullOr str;
|
||||
description = ''
|
||||
base64 preshared key generated by wg genpsk. Optional,
|
||||
and may be omitted. This option adds an additional layer of
|
||||
symmetric-key cryptography to be mixed into the already existing
|
||||
public-key cryptography, for post-quantum resistance.
|
||||
'';
|
||||
};
|
||||
|
||||
listenPort = mkOption {
|
||||
default = null;
|
||||
type = with types; nullOr int;
|
||||
|
@ -98,6 +86,18 @@ let
|
|||
description = "The base64 public key the peer.";
|
||||
};
|
||||
|
||||
presharedKey = mkOption {
|
||||
default = null;
|
||||
example = "rVXs/Ni9tu3oDBLS4hOyAUAa1qTWVA3loR8eL20os3I=";
|
||||
type = with types; nullOr str;
|
||||
description = ''
|
||||
base64 preshared key generated by wg genpsk. Optional,
|
||||
and may be omitted. This option adds an additional layer of
|
||||
symmetric-key cryptography to be mixed into the already existing
|
||||
public-key cryptography, for post-quantum resistance.
|
||||
'';
|
||||
};
|
||||
|
||||
allowedIPs = mkOption {
|
||||
example = [ "10.192.122.3/32" "10.192.124.1/24" ];
|
||||
type = with types; listOf str;
|
||||
|
@ -137,12 +137,12 @@ let
|
|||
generateConf = name: values: pkgs.writeText "wireguard-${name}.conf" ''
|
||||
[Interface]
|
||||
PrivateKey = ${values.privateKey}
|
||||
${optionalString (values.presharedKey != null) "PresharedKey = ${values.presharedKey}"}
|
||||
${optionalString (values.listenPort != null) "ListenPort = ${toString values.listenPort}"}
|
||||
|
||||
${concatStringsSep "\n\n" (map (peer: ''
|
||||
[Peer]
|
||||
PublicKey = ${peer.publicKey}
|
||||
${optionalString (peer.presharedKey != null) "PresharedKey = ${peer.presharedKey}"}
|
||||
${optionalString (peer.allowedIPs != []) "AllowedIPs = ${concatStringsSep ", " peer.allowedIPs}"}
|
||||
${optionalString (peer.endpoint != null) "Endpoint = ${peer.endpoint}"}
|
||||
${optionalString (peer.persistentKeepalive != null) "PersistentKeepalive = ${toString peer.persistentKeepalive}"}
|
||||
|
|
Loading…
Reference in a new issue