23 lines
742 B
Nix
23 lines
742 B
Nix
{ options, config, lib, pkgs, ... }:
|
|
with lib;
|
|
with lib.custom;
|
|
let
|
|
cfg = config.modules.services.wireguard;
|
|
udpPorts = mapAttrs' (_: cfg: cfg.listenPort) config.networking.wireguard.interfaces;
|
|
interfaces = elem 0 (mapAttrs' (n: _: n) config.networking.interfaces);
|
|
wgInterfaces = elem 0 (mapAttrs' (n: _: n) config.networking.wireguard.interfaces);
|
|
in {
|
|
options.modules.services.wireguard = with types; {
|
|
enable = mkBoolOpt false;
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
networking = {
|
|
firewall.allowedUDPPorts = udpPorts;
|
|
nat.enable = true;
|
|
nat.externalInterface = mkDefault interfaces;
|
|
nat.internalInterfaces = mkDefault wgInterfaces;
|
|
};
|
|
};
|
|
}
|