New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
wireguard service: allow empty interfaces #61743
Conversation
@@ -301,8 +301,10 @@ in | |||
|
|||
networking.wireguard = { | |||
|
|||
enable = mkEnableOption "WireGuard"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd add default = cfg.interfaces != {};
here, instead of having the logic inside the mkIf
of the implementation (and switch on cfg.enable
there).
Thus, setting networking.wireguard.enable
to false
also will disable potentially configured interfaces, which might be intended anyways.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good idea, done!
This is also useful when using systemd-networkd to setup wireguard interfaces. Currently, one has to manually set
To load the kernel module - having cc @Mic92 |
This is needed in case one wants to use wg-quick on NixOS.
I'm probably missing something, but can't we use |
Uff, yet another NixOS module to setup wireguard - we now have With the plans to switch more of the Can we unify the kernel and userland part from
with the one already present in
|
Uhhh, didn't know about this module. Long term I think we obviously should leave only one method of doing things. I see I see Anyway, out of scope of this PR ;) |
Well, we can remove the duplications mentioned at a later point, too - nothing that needs to prevent this PR from being merged. |
This is needed in case one wants to use wg-quick on NixOS.
Motivation for this change
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nix-review --run "nix-review wip"
./result/bin/
)nix path-info -S
before and after)