nixfmt

2022-06-11 11:37:58 -07:00 · 2022-06-11 11:37:58 -07:00 · 91eea7811a
commit 91eea7811a
parent ac021ac976
9 changed files with 259 additions and 256 deletions
--- a/modules/ezwg.nix
+++ b/modules/ezwg.nix
@ -25,8 +25,7 @@ let
      rangesOutput = pkgs.runCommandNoCC "exclusionary-wildcard-ranges" { } ''
        ${pkgs.python3}/bin/python3 ${generateRangesScript} > $out
      '';
-    in
-    lib.splitString ":" (builtins.readFile "${rangesOutput}");
+    in lib.splitString ":" (builtins.readFile "${rangesOutput}");

  subnet = vlanIP: vlanSize:
    let
@ -39,8 +38,7 @@ let
      subnetOutput = pkgs.runCommandNoCC "subnet-without-host-bits" { } ''
        ${pkgs.python3}/bin/python3 ${generateSubnetScript} > $out
      '';
-    in
-    builtins.readFile "${subnetOutput}";
+    in builtins.readFile "${subnetOutput}";

  serverOpts.options = {
    ip = mkOption {
@ -88,8 +86,7 @@ let
      description = "The IP to use on the wg VLAN";
    };
  };
-in
-{
+in {
  options.services.ezwg = {
    enable = mkEnableOption "Enable simple Wireguard connection";
    instances = mkOption {
@ -99,51 +96,40 @@ in
    };
  };

-  config = mkIf cfg.enable
-    {
-      networking.firewall.checkReversePath = false;
+  config = mkIf cfg.enable {
+    networking.firewall.checkReversePath = false;

-      systemd.paths = mapAttrs'
-        (instName: inst: {
-          name = "wireguard-${instName}";
-          value = if inst.autoStart then { } else { wantedBy = mkForce [ ]; };
-        })
-        cfg.instances;
+    systemd.paths = mapAttrs' (instName: inst: {
+      name = "wireguard-${instName}";
+      value = if inst.autoStart then { } else { wantedBy = mkForce [ ]; };
+    }) cfg.instances;

-      systemd.services = lib.listToAttrs (flatten
-        (mapAttrsToList
-          (instName: inst: [
-            {
-              name = "wireguard-${instName}";
-              value = if inst.autoStart then { } else { wantedBy = mkForce [ ]; };
-            }
-          ] ++ map
-            (server: {
-              name = "wireguard-${instName}-peer${peerNameReplacement server.publicKey}";
-              value = if inst.autoStart then { } else { wantedBy = mkForce [ ]; };
-            })
-            inst.servers)
-          cfg.instances));
+    systemd.services = lib.listToAttrs (flatten (mapAttrsToList (instName: inst:
+      [{
+        name = "wireguard-${instName}";
+        value = if inst.autoStart then { } else { wantedBy = mkForce [ ]; };
+      }] ++ map (server: {
+        name =
+          "wireguard-${instName}-peer${peerNameReplacement server.publicKey}";
+        value = if inst.autoStart then { } else { wantedBy = mkForce [ ]; };
+      }) inst.servers) cfg.instances));

+    networking.wireguard.interfaces = mapAttrs (instName: inst:
+      let
+        allowedIPs = if inst.proxy then
+          ranges (map (s: s.ip) inst.servers)
+        else
+          [ (subnet inst.vlanIP inst.vlanSize) ];
+      in {
+        ips = [ "${inst.vlanIP}/${toString inst.vlanSize}" ];
+        privateKeyFile = inst.privateKeyFile;
+        peers = map (server: {
+          inherit allowedIPs;
+          publicKey = server.publicKey;
+          endpoint = "${server.ip}:${toString server.port}";
+          persistentKeepalive = 25;
+        }) inst.servers;
+      }) cfg.instances;

-      networking.wireguard.interfaces = mapAttrs
-        (instName: inst:
-          let
-            allowedIPs = if inst.proxy then ranges (map (s: s.ip) inst.servers) else [ (subnet inst.vlanIP inst.vlanSize) ];
-          in
-          {
-            ips = [ "${inst.vlanIP}/${toString inst.vlanSize}" ];
-            privateKeyFile = inst.privateKeyFile;
-            peers = map
-              (server: {
-                inherit allowedIPs;
-                publicKey = server.publicKey;
-                endpoint = "${server.ip}:${toString server.port}";
-                persistentKeepalive = 25;
-              })
-              inst.servers;
-          })
-        cfg.instances;
-
-    };
+  };
 }