dotfiles/nixos/services/torrent-wg.nix

{ pkgs, lib, config, ... }:
let cfg = config.services.yorick.torrent-vpn;
in {
  options.services.yorick.torrent-vpn = with lib; {
    enable = mkEnableOption "torrent-vpn";
    name = mkOption { type = types.str; };
    namespace = mkOption { type = types.str; };
  };
  config = {
    deployment.keyys = [ (<yori-nix/keys> + "/wg.${cfg.name}.key") ];
    networking.wireguard.interfaces.${cfg.name} = {
      # curl -s https://api.mullvad.net/www/relays/all/ | jq '.[] | select(.type == "wireguard" and .country_code == "nl")'
      ips = [ "10.66.30.26/32" "fc00:bbbb:bbbb:bb01::3:1e19/128" ];
      privateKeyFile = "/root/keys/wg.${cfg.name}.key";
      peers = [{
        publicKey = "hnRyse6QxPPcZOoSwRsHUtK1W+APWXnIoaDTmH6JsHQ=";
        allowedIPs = [ "0.0.0.0/0" "::0/0" ];
        endpoint = "[2a03:1b20:3:f011::a04f]:51820";
      }];
      interfaceNamespace = cfg.namespace;
      preSetup = ''
        ${pkgs.iproute}/bin/ip netns add "${cfg.namespace}" || true
      '';
    };
    environment.etc."netns/torrent/resolv.conf".text = ''
      nameserver 193.138.218.74
    '';
  };
}
# todo: presets
nixfmt 2021-05-29 18:05:31 +02:00			`{ pkgs, lib, config, ... }:`
			`let cfg = config.services.yorick.torrent-vpn;`
			`in {`
add mullvad config 2020-05-23 13:01:10 +02:00			`options.services.yorick.torrent-vpn = with lib; {`
			`enable = mkEnableOption "torrent-vpn";`
			`name = mkOption { type = types.str; };`
			`namespace = mkOption { type = types.str; };`
			`};`
			`config = {`
nixfmt 2021-05-29 18:05:31 +02:00			`deployment.keyys = [ (<yori-nix/keys> + "/wg.${cfg.name}.key") ];`
add mullvad config 2020-05-23 13:01:10 +02:00			`networking.wireguard.interfaces.${cfg.name} = {`
			`# curl -s https://api.mullvad.net/www/relays/all/ \| jq '.[] \| select(.type == "wireguard" and .country_code == "nl")'`
new torrent wg setup 2021-01-03 16:39:47 +01:00			`ips = [ "10.66.30.26/32" "fc00:bbbb:bbbb:bb01::3:1e19/128" ];`
add mullvad config 2020-05-23 13:01:10 +02:00			`privateKeyFile = "/root/keys/wg.${cfg.name}.key";`
			`peers = [{`
			`publicKey = "hnRyse6QxPPcZOoSwRsHUtK1W+APWXnIoaDTmH6JsHQ=";`
nixfmt 2021-05-29 18:05:31 +02:00			`allowedIPs = [ "0.0.0.0/0" "::0/0" ];`
new torrent wg setup 2021-01-03 16:39:47 +01:00			`endpoint = "[2a03:1b20:3:f011::a04f]:51820";`
add mullvad config 2020-05-23 13:01:10 +02:00			`}];`
			`interfaceNamespace = cfg.namespace;`
new torrent wg setup 2021-01-03 16:39:47 +01:00			`preSetup = ''`
			`${pkgs.iproute}/bin/ip netns add "${cfg.namespace}" \|\| true`
add mullvad config 2020-05-23 13:01:10 +02:00			`'';`
			`};`
			`environment.etc."netns/torrent/resolv.conf".text = ''`
			`nameserver 193.138.218.74`
			`'';`
			`};`
			`}`
			`# todo: presets`