mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-01-20 03:43:45 +00:00
Merge pull request #27939 from evujumenuk/wireguard-rt_tables
wireguard: add per-peer routing table option
This commit is contained in:
commit
61d133c1ee
@ -79,6 +79,16 @@ let
|
||||
description = "A list of commands called after shutting down the interface.";
|
||||
};
|
||||
|
||||
table = mkOption {
|
||||
default = "main";
|
||||
type = types.str;
|
||||
description = ''The kernel routing table to add this interface's
|
||||
associated routes to. Setting this is useful for e.g. policy routing
|
||||
("ip rule") or virtual routing and forwarding ("ip vrf"). Both numeric
|
||||
table IDs and table names (/etc/rt_tables) can be used. Defaults to
|
||||
"main".'';
|
||||
};
|
||||
|
||||
peers = mkOption {
|
||||
default = [];
|
||||
description = "Peers linked to the interface.";
|
||||
@ -207,9 +217,11 @@ let
|
||||
|
||||
"${ipCommand} link set up dev ${name}"
|
||||
|
||||
(map (peer: (map (ip:
|
||||
"${ipCommand} route replace ${ip} dev ${name}"
|
||||
) peer.allowedIPs)) values.peers)
|
||||
(map (peer:
|
||||
(map (allowedIP:
|
||||
"${ipCommand} route replace ${allowedIP} dev ${name} table ${values.table}"
|
||||
) peer.allowedIPs)
|
||||
) values.peers)
|
||||
|
||||
values.postSetup
|
||||
]);
|
||||
|
Loading…
Reference in New Issue
Block a user