services: wireguard: Add more configuration fields.
* gnu/services/vpn.scm (<wireguard-configuration>)[pre-up, post-up, pre-down, post-down, table]: New fields. (wireguard-configuration-file): Take them into account. * doc/guix.texi (Wireguard): Update it.
parent
2a5c2a6184
commit
7ee77dc6df
2 changed files with 72 additions and 2 deletions
|
@ -31442,6 +31442,24 @@ the file does not exist.
|
||||||
The authorized peers on this interface. This is a list of
|
The authorized peers on this interface. This is a list of
|
||||||
@var{wireguard-peer} records.
|
@var{wireguard-peer} records.
|
||||||
|
|
||||||
|
@item @code{pre-up} (default: @code{'()})
|
||||||
|
The script commands to be run before setting up the interface.
|
||||||
|
|
||||||
|
@item @code{post-up} (default: @code{'()})
|
||||||
|
The script commands to be run after setting up the interface.
|
||||||
|
|
||||||
|
@item @code{pre-down} (default: @code{'()})
|
||||||
|
The script commands to be run before tearing down the interface.
|
||||||
|
|
||||||
|
@item @code{post-down} (default: @code{'()})
|
||||||
|
The script commands to be run after tearing down the interface.
|
||||||
|
|
||||||
|
@item @code{table} (default: @code{"auto"})
|
||||||
|
The routing table to which routes are added, as a string. There are two
|
||||||
|
special values: @code{"off"} that disables the creation of routes
|
||||||
|
altogether, and @code{"auto"} (the default) that adds routes to the
|
||||||
|
default table and enables special handling of default routes.
|
||||||
|
|
||||||
@end table
|
@end table
|
||||||
@end deftp
|
@end deftp
|
||||||
|
|
||||||
|
|
|
@ -72,6 +72,11 @@ (define-module (gnu services vpn)
|
||||||
wireguard-configuration-dns
|
wireguard-configuration-dns
|
||||||
wireguard-configuration-private-key
|
wireguard-configuration-private-key
|
||||||
wireguard-configuration-peers
|
wireguard-configuration-peers
|
||||||
|
wireguard-configuration-pre-up
|
||||||
|
wireguard-configuration-post-up
|
||||||
|
wireguard-configuration-pre-down
|
||||||
|
wireguard-configuration-post-down
|
||||||
|
wireguard-configuration-table
|
||||||
|
|
||||||
wireguard-service-type))
|
wireguard-service-type))
|
||||||
|
|
||||||
|
@ -724,7 +729,17 @@ (define-record-type* <wireguard-configuration>
|
||||||
(peers wireguard-configuration-peers ;list of <wiregard-peer>
|
(peers wireguard-configuration-peers ;list of <wiregard-peer>
|
||||||
(default '()))
|
(default '()))
|
||||||
(dns wireguard-configuration-dns ;list of strings
|
(dns wireguard-configuration-dns ;list of strings
|
||||||
(default #f)))
|
(default #f))
|
||||||
|
(pre-up wireguard-configuration-pre-up ;list of strings
|
||||||
|
(default '()))
|
||||||
|
(post-up wireguard-configuration-post-up ;list of strings
|
||||||
|
(default '()))
|
||||||
|
(pre-down wireguard-configuration-pre-down ;list of strings
|
||||||
|
(default '()))
|
||||||
|
(post-down wireguard-configuration-post-down ;list of strings
|
||||||
|
(default '()))
|
||||||
|
(table wireguard-configuration-table ;string
|
||||||
|
(default "auto")))
|
||||||
|
|
||||||
(define (wireguard-configuration-file config)
|
(define (wireguard-configuration-file config)
|
||||||
(define (peer->config peer)
|
(define (peer->config peer)
|
||||||
|
@ -748,7 +763,8 @@ (define (peer->config peer)
|
||||||
"\n"))))
|
"\n"))))
|
||||||
|
|
||||||
(match-record config <wireguard-configuration>
|
(match-record config <wireguard-configuration>
|
||||||
(wireguard interface addresses port private-key peers dns)
|
(wireguard interface addresses port private-key peers dns
|
||||||
|
pre-up post-up pre-down post-down table)
|
||||||
(let* ((config-file (string-append interface ".conf"))
|
(let* ((config-file (string-append interface ".conf"))
|
||||||
(peers (map peer->config peers))
|
(peers (map peer->config peers))
|
||||||
(config
|
(config
|
||||||
|
@ -762,13 +778,49 @@ (define (peer->config peer)
|
||||||
(let ((format (@ (ice-9 format) format)))
|
(let ((format (@ (ice-9 format) format)))
|
||||||
(format port "[Interface]
|
(format port "[Interface]
|
||||||
Address = ~a
|
Address = ~a
|
||||||
|
~a
|
||||||
|
~a
|
||||||
PostUp = ~a set %i private-key ~a
|
PostUp = ~a set %i private-key ~a
|
||||||
~a
|
~a
|
||||||
~a
|
~a
|
||||||
|
~a
|
||||||
|
~a
|
||||||
|
~a
|
||||||
~{~a~^~%~}"
|
~{~a~^~%~}"
|
||||||
#$(string-join addresses ",")
|
#$(string-join addresses ",")
|
||||||
|
#$(if table
|
||||||
|
(format #f "Table = ~a" table)
|
||||||
|
"")
|
||||||
|
#$(if (null? pre-up)
|
||||||
|
""
|
||||||
|
(string-join
|
||||||
|
(map (lambda (command)
|
||||||
|
(format #f "PreUp = ~a" command))
|
||||||
|
pre-up)
|
||||||
|
"\n"))
|
||||||
#$(file-append wireguard "/bin/wg")
|
#$(file-append wireguard "/bin/wg")
|
||||||
#$private-key
|
#$private-key
|
||||||
|
#$(if (null? post-up)
|
||||||
|
""
|
||||||
|
(string-join
|
||||||
|
(map (lambda (command)
|
||||||
|
(format #f "PostUp = ~a" command))
|
||||||
|
post-up)
|
||||||
|
"\n"))
|
||||||
|
#$(if (null? pre-down)
|
||||||
|
""
|
||||||
|
(string-join
|
||||||
|
(map (lambda (command)
|
||||||
|
(format #f "PreDown = ~a" command))
|
||||||
|
pre-down)
|
||||||
|
"\n"))
|
||||||
|
#$(if (null? post-down)
|
||||||
|
""
|
||||||
|
(string-join
|
||||||
|
(map (lambda (command)
|
||||||
|
(format #f "PostDown = ~a" command))
|
||||||
|
post-down)
|
||||||
|
"\n"))
|
||||||
#$(if port
|
#$(if port
|
||||||
(format #f "ListenPort = ~a" port)
|
(format #f "ListenPort = ~a" port)
|
||||||
"")
|
"")
|
||||||
|
|
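Review bot: The new hook fields are written into the generated `[Interface]` section without any check, in the `pre-up`/`post-up`/`pre-down`/`post-down` branches of the `format` call in `wireguard-configuration-file`: each element goes through `(format #f "PreUp = ~a" command)` as-is. An element containing a newline would therefore become extra configuration lines, and because these entries are run as commands when the interface is brought up or down (presumably by wg-quick, with its privileges), the field comment should say more than `;list of strings`, for example `;list of strings, one single-line shell command each`. The formatting happens host-side inside `#$(...)`, so a file-like object such as a `file-append` result would be printed rather than lowered to a store path. Commands then either rely on the PATH of the process that runs them or carry hard-coded paths, which is worth stating in the manual entry. The four branches differ only in the key name and could share one local helper, e.g. `(define (hook-lines key commands) (string-join (map (lambda (c) (format #f "~a = ~a" key c)) commands) "\n"))`; the body of `wireguard-configuration-file` continues outside the visible hunks.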