Skip to content

/nixpkgs

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

wireguard: 0.0.20170421 -> 0.0.20170517 #25646

Merged
merged 2 commits into from May 17, 2017
+15 −15
Merged

wireguard: 0.0.20170421 -> 0.0.20170517 #25646

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6e50243
wireguard: preshared-key is now an attribute of the peer
zx2c4 May 9, 2017
ef018d8
wireguard: 0.0.20170421 - 0.0.20170517
zx2c4 May 17, 2017
File filter...
Filter file types
Jump to…
Jump to file or symbol
Failed to load files and symbols.

Always

Just for now

26 nixos/modules/services/networking/wireguard.nix
View file
Open in desktop
@@ -27,18 +27,6 @@ let
description = "Base64 private key generated by wg genkey.";
};

presharedKey = mkOption {
default = null;
example = "rVXs/Ni9tu3oDBLS4hOyAUAa1qTWVA3loR8eL20os3I=";
type = with types; nullOr str;
description = ''
base64 preshared key generated by wg genpsk. Optional,
and may be omitted. This option adds an additional layer of
symmetric-key cryptography to be mixed into the already existing
public-key cryptography, for post-quantum resistance.
'';
};

listenPort = mkOption {
default = null;
type = with types; nullOr int;
@@ -98,6 +86,18 @@ let
description = "The base64 public key the peer.";
};

presharedKey = mkOption {
default = null;
example = "rVXs/Ni9tu3oDBLS4hOyAUAa1qTWVA3loR8eL20os3I=";
type = with types; nullOr str;
description = ''
base64 preshared key generated by wg genpsk. Optional,
and may be omitted. This option adds an additional layer of
symmetric-key cryptography to be mixed into the already existing
public-key cryptography, for post-quantum resistance.
'';
};

allowedIPs = mkOption {
example = [ "10.192.122.3/32" "10.192.124.1/24" ];
type = with types; listOf str;
@@ -137,12 +137,12 @@ let
generateConf = name: values: pkgs.writeText "wireguard-${name}.conf" ''

This comment has been minimized.

Sign in to view
Copy link
@Mic92

Mic92 May 9, 2017
edited

Contributor

This module should be probably rewritten later to use wg-quick, since it lakes of features like auto-mtu and the default gateway over wireguard trick.

This comment has been minimized.

Sign in to view
Copy link
@zx2c4

zx2c4 May 9, 2017

Author Contributor

Maybe, maybe not. Can you bring that up as a separate pull request in a separate issue? This one is about the upcoming version bump and preshared-key changes, not about some initiative to rewrite the whole module.
[Interface]
PrivateKey = ${values.privateKey}
${optionalString (values.presharedKey != null) "PresharedKey = ${values.presharedKey}"}
${optionalString (values.listenPort != null) "ListenPort = ${toString values.listenPort}"}
${concatStringsSep "\n\n" (map (peer: ''
[Peer]
PublicKey = ${peer.publicKey}
${optionalString (peer.presharedKey != null) "PresharedKey = ${peer.presharedKey}"}
${optionalString (peer.allowedIPs != []) "AllowedIPs = ${concatStringsSep ", " peer.allowedIPs}"}
${optionalString (peer.endpoint != null) "Endpoint = ${peer.endpoint}"}
${optionalString (peer.persistentKeepalive != null) "PersistentKeepalive = ${toString peer.persistentKeepalive}"}
4 pkgs/os-specific/linux/wireguard/default.nix
View file
Open in desktop
@@ -6,11 +6,11 @@ assert kernel != null -> stdenv.lib.versionAtLeast kernel.version "3.10";
let
name = "wireguard-${version}";

version = "0.0.20170421";
version = "0.0.20170517";

src = fetchurl {
url = "https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${version}.tar.xz";
sha256 = "03c82af774224cd171d000ee4a519b5e474cc6842ac04967773cf77b26750000";
sha256 = "7303e973654a3585039f4789e89a562f807f0d6010c7787b9b69ca72aa7a6908";
};

meta = with stdenv.lib; {
ProTip! Use n and p to navigate between commits in a pull request.
You can’t perform that action at this time.