about summary refs log tree commit diff
path: root/modules/wireguard.nix
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--modules/wireguard.nix29
1 files changed, 11 insertions, 18 deletions
diff --git a/modules/wireguard.nix b/modules/wireguard.nix
index dcd7858..5138946 100644
--- a/modules/wireguard.nix
+++ b/modules/wireguard.nix
@@ -20,6 +20,14 @@ let
       ${resolvectl} dnssec ${cfg.interface} no
       ${resolvectl} dnsovertls ${cfg.interface} no
     '';
+
+  extraOptions = {
+    jc = 228;
+    jmin = 42;
+    jmax = 420;
+    s1 = 69;
+    s2 = 96;
+  };
 in
 {
   disabledModules = [
@@ -149,13 +157,7 @@ in
               "${ipv4.address}/16"
               "${ipv6.address}/16"
             ];
-            extraInterfaceConfig = ''
-              jc = 228
-              jmin = 42
-              jmax = 420
-              s1 = 69
-              s2 = 96
-            '';
+            inherit extraOptions;
           })
           (with cfg.server; {
             peers = [
@@ -221,17 +223,8 @@ in
                 "${ipv4.address}/16"
               ];
               listenPort = port;
-              inherit peers;
-              postSetup =
-                DNSSetup
-                + ''
-                  awg set ${cfg.interface} \
-                    jc 228 \
-                    jmin 42 \
-                    jmax 420 \
-                    s1 69 \
-                    s2 96
-                '';
+              inherit peers extraOptions;
+              postSetup = DNSSetup;
               allowedIPsAsRoutes = false;
             };
           };

Consider giving Nix/NixOS a try! <3