mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-24 21:38:07 -05:00
services: wireguard: Add keep-alive support.
* gnu/services/vpn.scm (<wireguard-peer>): Add 'keep-alive' field. (wireguard-configuration-file): Use it. * doc/guix.texi (VPN Services): Document it.
This commit is contained in:
parent
50d9bccb2f
commit
3313f61e18
2 changed files with 17 additions and 4 deletions
|
@ -68,7 +68,7 @@ Copyright @copyright{} 2019 Ivan Petkov@*
|
|||
Copyright @copyright{} 2019 Jakob L. Kreuze@*
|
||||
Copyright @copyright{} 2019 Kyle Andrews@*
|
||||
Copyright @copyright{} 2019 Alex Griffin@*
|
||||
Copyright @copyright{} 2019, 2020 Guillaume Le Vaillant@*
|
||||
Copyright @copyright{} 2019, 2020, 2021 Guillaume Le Vaillant@*
|
||||
Copyright @copyright{} 2020 Leo Prikler@*
|
||||
Copyright @copyright{} 2019, 2020 Simon Tournier@*
|
||||
Copyright @copyright{} 2020 Wiktor Żelazny@*
|
||||
|
@ -26999,6 +26999,12 @@ The peer public-key represented as a base64 string.
|
|||
A list of IP addresses from which incoming traffic for this peer is
|
||||
allowed and to which incoming traffic for this peer is directed.
|
||||
|
||||
@item @code{keep-alive} (default: @code{#f})
|
||||
An optional time interval in seconds. A packet will be sent to the
|
||||
server endpoint once per time interval. This helps receiving
|
||||
incoming connections from this peer when you are behind a NAT or
|
||||
a firewall.
|
||||
|
||||
@end table
|
||||
@end deftp
|
||||
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu>
|
||||
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
|
||||
;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
|
||||
;;; Copyright © 2021 Guillaume Le Vaillant <glv@posteo.net>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
|
@ -537,7 +538,9 @@ (define-record-type* <wireguard-peer>
|
|||
(endpoint wireguard-peer-endpoint
|
||||
(default #f)) ;string
|
||||
(public-key wireguard-peer-public-key) ;string
|
||||
(allowed-ips wireguard-peer-allowed-ips)) ;list of strings
|
||||
(allowed-ips wireguard-peer-allowed-ips) ;list of strings
|
||||
(keep-alive wireguard-peer-keep-alive
|
||||
(default #f))) ;integer
|
||||
|
||||
(define-record-type* <wireguard-configuration>
|
||||
wireguard-configuration make-wireguard-configuration
|
||||
|
@ -560,16 +563,20 @@ (define (peer->config peer)
|
|||
(let ((name (wireguard-peer-name peer))
|
||||
(public-key (wireguard-peer-public-key peer))
|
||||
(endpoint (wireguard-peer-endpoint peer))
|
||||
(allowed-ips (wireguard-peer-allowed-ips peer)))
|
||||
(allowed-ips (wireguard-peer-allowed-ips peer))
|
||||
(keep-alive (wireguard-peer-keep-alive peer)))
|
||||
(format #f "[Peer] #~a
|
||||
PublicKey = ~a
|
||||
AllowedIPs = ~a
|
||||
~a"
|
||||
~a~a"
|
||||
name
|
||||
public-key
|
||||
(string-join allowed-ips ",")
|
||||
(if endpoint
|
||||
(format #f "Endpoint = ~a\n" endpoint)
|
||||
"")
|
||||
(if keep-alive
|
||||
(format #f "PersistentKeepalive = ~a\n" keep-alive)
|
||||
"\n"))))
|
||||
|
||||
(match-record config <wireguard-configuration>
|
||||
|
|
Loading…
Reference in a new issue