nixpkgs/nixos/modules/services/networking/wg-netmanager.nix

{
  config,
  lib,
  pkgs,
  ...
}:

with lib;

let
  cfg = config.services.wg-netmanager;
in
{

  options = {
    services.wg-netmanager = {
      enable = mkEnableOption "Wireguard network manager";
    };
  };

  ###### implementation
  config = mkIf cfg.enable {
    # NOTE: wg-netmanager runs as root
    systemd.services.wg-netmanager = {
      description = "Wireguard network manager";
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];
      path = with pkgs; [
        wireguard-tools
        iproute2
        wireguard-go
      ];
      serviceConfig = {
        Type = "simple";
        Restart = "on-failure";
        ExecStart = "${pkgs.wg-netmanager}/bin/wg_netmanager";
        ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
        ExecStop = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";

        ReadWritePaths = [
          "/tmp" # wg-netmanager creates files in /tmp before deleting them after use
        ];
      };
      unitConfig = {
        ConditionPathExists = [
          "/etc/wg_netmanager/network.yaml"
          "/etc/wg_netmanager/peer.yaml"
        ];
      };
    };
  };

  meta.maintainers = with maintainers; [ gin66 ];
}
wg-netmanager: init at 0.3.6 (#155149) Co-authored-by: Sandro <sandro.jaeckel@gmail.com> 2022-02-07 16:46:51 +01:00			`{`
			`config,`
			`lib,`
			`pkgs,`
			`...`
			`}:`

			`with lib;`

			`let`
			`cfg = config.services.wg-netmanager;`
			`in`
			`{`

			`options = {`
			`services.wg-netmanager = {`
			`enable = mkEnableOption "Wireguard network manager";`
			`};`
			`};`

			`###### implementation`
			`config = mkIf cfg.enable {`
			`# NOTE: wg-netmanager runs as root`
			`systemd.services.wg-netmanager = {`
			`description = "Wireguard network manager";`
			`wantedBy = [ "multi-user.target" ];`
			`after = [ "network.target" ];`
			`path = with pkgs; [`
			`wireguard-tools`
			`iproute2`
			`wireguard-go`
			`];`
			`serviceConfig = {`
			`Type = "simple";`
			`Restart = "on-failure";`
			`ExecStart = "${pkgs.wg-netmanager}/bin/wg_netmanager";`
			`ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";`
			`ExecStop = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";`

			`ReadWritePaths = [`
			`"/tmp" # wg-netmanager creates files in /tmp before deleting them after use`
			`];`
			`};`
			`unitConfig = {`
			`ConditionPathExists = [`
			`"/etc/wg_netmanager/network.yaml"`
			`"/etc/wg_netmanager/peer.yaml"`
			`];`
			`};`
			`};`
			`};`

			`meta.maintainers = with maintainers; [ gin66 ];`
			`}`