2025-02-02

1 files changed, 14 insertions, 11 deletions

diff --git a/modules/wireguard.nix b/modules/wireguard.nix
index 92497e1..c9d9937 100644
--- a/modules/wireguard.nix
+++ b/modules/wireguard.nix
@@ -22,25 +22,27 @@ let
   );
 
   extraOptions = {
-    jc = 23;
-    jmin = 58;
-    jmax = 1021;
-    s1 = 49;
-    s2 = 87;
-    h1 = 1264154357;
-    h2 = 462401493;
-    h3 = 737329836;
-    h4 = 1039929807;
+    Jc = 23;
+    Jmin = 58;
+    Jmax = 1021;
+    S1 = 49;
+    S2 = 87;
+    H1 = 1264154357;
+    H2 = 462401493;
+    H3 = 737329836;
+    H4 = 1039929807;
   };
 in
 {
   disabledModules = [
     "services/networking/wg-quick.nix"
     "services/networking/wireguard.nix"
+    "services/networking/wireguard-networkd.nix"
   ];
   imports = [
     "${inputs.nixpkgs-amneziawg}/nixos/modules/services/networking/wg-quick.nix"
     "${inputs.nixpkgs-amneziawg}/nixos/modules/services/networking/wireguard.nix"
+    "${inputs.nixpkgs-amneziawg}/nixos/modules/services/networking/wireguard-networkd.nix"
   ];
 
   options.nixfiles.modules.wireguard = {
@@ -218,8 +220,9 @@ in
         networking = {
           wireguard = {
             enable = true;
-            type = "amneziawg";
+            useNetworkd = false; # Does not work with "amneziawg".
             interfaces.${cfg.interface} = with cfg.server; {
+              type = "amneziawg";
               privateKeyFile = config.secrets."wireguard-private-key-${this.hostname}".path;
               ips = [
                 "${ipv6.address}/16"
@@ -227,7 +230,7 @@ in
               ];
               listenPort = port;
               inherit peers extraOptions;
-              postSetup = DNSSetup;
+              postSetup = lib.optionalString (!config.networking.wireguard.useNetworkd) DNSSetup;
               allowedIPsAsRoutes = false;
             };
           };