WireGuard: Difference between revisions

Line 304:

===Client setup===

<~~syntaxHighlight~~ lang="nix">

{

config,

Line 311:

...

}: {

boot.~~extraModulePackages~~ = [~~config.boot.kernelPackages.~~wireguard];

boot.kernelModules = [ "wireguard" ];

systemd.network = {

enable = true;

Line 323:

# See also man systemd.netdev (also contains info on the permissions of the key files)

wireguardConfig = {

# Don't use a file from the Nix store as these are world readable. Must be readable by the systemd.network user

# Don't use a file from the Nix store as these are world readable. Must be readable by the systemd-network user

PrivateKeyFile = "/run/keys/wireguard-privkey";

ListenPort = 9918;

Line 360:

}

</~~syntaxHighlight~~>

</syntaxhighlight>

==Setting up WireGuard with NetworkManager==

Line 455:

* [https://wiki.archlinux.org/index.php/WireGuard Arch Wiki] has an exhaustive guide, including troubleshooting tips

* [https://search.nixos.org/options?query=wireguard List of WireGuard options supported by NixOS]

* [https://uint.one/posts/configuring-wireguard-using-systemd-networkd-on-nixos/ Blogpost by uint.one on replicating wg-quick with networkd]

* [https://www.youtube.com/watch?v=us7V2NvsQRA Talk by @fpletz at NixCon 2018 about networkd and his WireGuard setup]

* [https://web.archive.org/web/20210101230654/https://www.the-digital-life.com/wiki/wireguard-troubleshooting/ WireGuard Troubleshooting (on Web Archive)] shows how to enable debug logs

[[Category:Networking]]

@@ Line 304: / Line 304: @@
 ===Client setup===
-<syntaxHighlight lang="nix">
+<syntaxhighlight lang="nix">
 {
    config,
@@ Line 311: / Line 311: @@
    ...
 }: {
-   boot.extraModulePackages = [config.boot.kernelPackages.wireguard];
+   boot.kernelModules = [ "wireguard" ];
    systemd.network = {
      enable = true;
@@ Line 323: / Line 323: @@
          # See also man systemd.netdev (also contains info on the permissions of the key files)
          wireguardConfig = {
-           # Don't use a file from the Nix store as these are world readable. Must be readable by the systemd.network user
+           # Don't use a file from the Nix store as these are world readable. Must be readable by the systemd-network user
            PrivateKeyFile = "/run/keys/wireguard-privkey";
            ListenPort = 9918;
@@ Line 360: / Line 360: @@
 }
-</syntaxHighlight>
+</syntaxhighlight>
 ==Setting up WireGuard with NetworkManager==
@@ Line 455: / Line 455: @@
 * [https://wiki.archlinux.org/index.php/WireGuard Arch Wiki] has an exhaustive guide, including troubleshooting tips
 * [https://search.nixos.org/options?query=wireguard List of WireGuard options supported by NixOS]
+* [https://uint.one/posts/configuring-wireguard-using-systemd-networkd-on-nixos/ Blogpost by uint.one on replicating wg-quick with networkd]
 * [https://www.youtube.com/watch?v=us7V2NvsQRA Talk by @fpletz at NixCon 2018 about networkd and his WireGuard setup]
 * [https://web.archive.org/web/20210101230654/https://www.the-digital-life.com/wiki/wireguard-troubleshooting/ WireGuard Troubleshooting (on Web Archive)] shows how to enable debug logs
 [[Category:Networking]]