moved wireguard to extra

This commit is contained in:
Sven Vogel 2023-11-18 11:33:43 +01:00
parent c5675a751c
commit 92298b4bd7
4 changed files with 17 additions and 10 deletions

View File

@ -32,7 +32,6 @@
# extra enabled kernel modules
boot.kernelModules = [
"sg" # for generic SCSI devices such as /dev/sg0
"wireguard"
];
# Kernel parameter on boot
@ -47,4 +46,4 @@
boot.initrd.secrets = {
"/crypto_keyfile.bin" = null;
};
}
}

View File

@ -38,8 +38,6 @@ in
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
networking.wireguard.enable = true;
# Enable networking
networking.networkmanager.enable = true;
@ -235,12 +233,6 @@ in
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
networking.firewall.allowedUDPPorts = [
51820 # wireguard client
];
# Or disable the firewall altogether.
# networking.firewall.enable = false;

View File

@ -4,6 +4,7 @@
./dvd.nix
./yubikey.nix
./platformio.nix
./wireguard.nix
./language-server.nix
];
}

15
extra/wireguard.nix Normal file
View File

@ -0,0 +1,15 @@
{ pkgs, config, ... }: {
networking.wireguard.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
networking.firewall.allowedUDPPorts = [
51820 # wireguard client
];
boot.kernelModules = [
"wireguard"
];
}