services: wireguard: Add more configuration fields.

* gnu/services/vpn.scm (<wireguard-configuration>)[pre-up, post-up, pre-down,
post-down, table]: New fields.
(wireguard-configuration-file): Take them into account.
* doc/guix.texi (Wireguard): Update it.
Mathieu Othacehe 2022-10-20 10:49:05 +02:00
parent 2a5c2a6184
commit 7ee77dc6df
No known key found for this signature in database
GPG Key ID: 8354763531769CA6
2 changed files with 72 additions and 2 deletions


@ -31442,6 +31442,24 @@ the file does not exist.
The authorized peers on this interface. This is a list of
@var{wireguard-peer} records.
@item @code{pre-up} (default: @code{'()})
The script commands to be run before setting up the interface.
@item @code{post-up} (default: @code{'()})
The script commands to be run after setting up the interface.
@item @code{pre-down} (default: @code{'()})
The script commands to be run before tearing down the interface.
@item @code{post-down} (default: @code{'()})
The script commands to be run after tearing down the interface.
@item @code{table} (default: @code{"auto"})
The routing table to which routes are added, as a string. There are two
special values: @code{"off"} that disables the creation of routes
altogether, and @code{"auto"} (the default) that adds routes to the
default table and enables special handling of default routes.
@end table
@end deftp


@ -72,6 +72,11 @@
wireguard-configuration-dns
wireguard-configuration-private-key
wireguard-configuration-peers
wireguard-configuration-pre-up
wireguard-configuration-post-up
wireguard-configuration-pre-down
wireguard-configuration-post-down
wireguard-configuration-table
wireguard-service-type))
@ -724,7 +729,17 @@ strongSwan.")))
(peers wireguard-configuration-peers ;list of <wiregard-peer>
(default '()))
(dns wireguard-configuration-dns ;list of strings
(default #f)))
(default #f))
(pre-up wireguard-configuration-pre-up ;list of strings
(default '()))
(post-up wireguard-configuration-post-up ;list of strings
(default '()))
(pre-down wireguard-configuration-pre-down ;list of strings
(default '()))
(post-down wireguard-configuration-post-down ;list of strings
(default '()))
(table wireguard-configuration-table ;string
(default "auto")))
(define (wireguard-configuration-file config)
(define (peer->config peer)
@ -748,7 +763,8 @@ AllowedIPs = ~a
"\n"))))
(match-record config <wireguard-configuration>
(wireguard interface addresses port private-key peers dns)
(wireguard interface addresses port private-key peers dns
pre-up post-up pre-down post-down table)
(let* ((config-file (string-append interface ".conf"))
(peers (map peer->config peers))
(config
@ -762,13 +778,49 @@ AllowedIPs = ~a
(let ((format (@ (ice-9 format) format)))
(format port "[Interface]
Address = ~a
~a
~a
PostUp = ~a set %i private-key ~a
~a
~a
~a
~a
~a
~{~a~^~%~}"
#$(string-join addresses ",")
#$(if table
(format #f "Table = ~a" table)
"")
#$(if (null? pre-up)
""
(string-join
(map (lambda (command)
(format #f "PreUp = ~a" command))
pre-up)
"\n"))
#$(file-append wireguard "/bin/wg")
#$private-key
#$(if (null? post-up)
""
(string-join
(map (lambda (command)
(format #f "PostUp = ~a" command))
post-up)
"\n"))
#$(if (null? pre-down)
""
(string-join
(map (lambda (command)
(format #f "PreDown = ~a" command))
pre-down)
"\n"))
#$(if (null? post-down)
""
(string-join
(map (lambda (command)
(format #f "PostDown = ~a" command))
post-down)
"\n"))
#$(if port
(format #f "ListenPort = ~a" port)
"")
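Review bot: In the last hunk each element of `pre-up`, `post-up`, `pre-down` and `post-down` is written into `[Interface]` verbatim by `(format #f "PreUp = ~a" command)` and its siblings, with no check that it is a single-line string. wg-quick hands these lines to bash as root, so an element containing a newline becomes additional configuration keys instead of one hook. A host-side guard at the top of the `match-record` body would turn that into an early error, e.g. `(when (any (lambda (c) (string-index c #\newline)) (append pre-up post-up pre-down post-down)) (error "wireguard: hook commands must be single-line strings"))`, assuming `any` from SRFI-1 is in scope in this module; the field comments could also read `;list of single-line strings, run as root by wg-quick`. The generated file is presumably built into the store (the rest of `wireguard-configuration-file` lies outside these hunks), which would make it world-readable, so doc/guix.texi should also tell users not to embed secrets in hook commands.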