public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #25646 from zx2c4/wg-psk-change

Browse Source 
wireguard: 0.0.20170421 -> 0.0.20170517
This commit is contained in:
Jörg Thalheim 2017-05-17 23:58:51 +01:00 committed by GitHub
commit 64acaa1e2d
2 changed files with 15 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
nixos/modules/services/networking/wireguard.nix
View File

@ -27,18 +27,6 @@ let
description = "Base64 private key generated by wg genkey."; description = "Base64 private key generated by wg genkey.";
}; };
presharedKey = mkOption {
default = null;
example = "rVXs/Ni9tu3oDBLS4hOyAUAa1qTWVA3loR8eL20os3I=";
type = with types; nullOr str;
description = ''
base64 preshared key generated by wg genpsk. Optional,
and may be omitted. This option adds an additional layer of
symmetric-key cryptography to be mixed into the already existing
public-key cryptography, for post-quantum resistance.
'';
};
listenPort = mkOption { listenPort = mkOption {
default = null; default = null;
type = with types; nullOr int; type = with types; nullOr int;
@ -98,6 +86,18 @@ let
description = "The base64 public key the peer."; description = "The base64 public key the peer.";
}; };
presharedKey = mkOption {
default = null;
example = "rVXs/Ni9tu3oDBLS4hOyAUAa1qTWVA3loR8eL20os3I=";
type = with types; nullOr str;
description = ''
base64 preshared key generated by wg genpsk. Optional,
and may be omitted. This option adds an additional layer of
symmetric-key cryptography to be mixed into the already existing
public-key cryptography, for post-quantum resistance.
'';
};
allowedIPs = mkOption { allowedIPs = mkOption {
example = [ "10.192.122.3/32" "10.192.124.1/24" ]; example = [ "10.192.122.3/32" "10.192.124.1/24" ];
type = with types; listOf str; type = with types; listOf str;
@ -137,12 +137,12 @@ let
generateConf = name: values: pkgs.writeText "wireguard-${name}.conf" '' generateConf = name: values: pkgs.writeText "wireguard-${name}.conf" ''
[Interface] [Interface]
PrivateKey = ${values.privateKey} PrivateKey = ${values.privateKey}
${optionalString (values.presharedKey != null) "PresharedKey = ${values.presharedKey}"}
${optionalString (values.listenPort != null) "ListenPort = ${toString values.listenPort}"} ${optionalString (values.listenPort != null) "ListenPort = ${toString values.listenPort}"}
${concatStringsSep "\n\n" (map (peer: '' ${concatStringsSep "\n\n" (map (peer: ''
[Peer] [Peer]
PublicKey = ${peer.publicKey} PublicKey = ${peer.publicKey}
${optionalString (peer.presharedKey != null) "PresharedKey = ${peer.presharedKey}"}
${optionalString (peer.allowedIPs != []) "AllowedIPs = ${concatStringsSep ", " peer.allowedIPs}"} ${optionalString (peer.allowedIPs != []) "AllowedIPs = ${concatStringsSep ", " peer.allowedIPs}"}
${optionalString (peer.endpoint != null) "Endpoint = ${peer.endpoint}"} ${optionalString (peer.endpoint != null) "Endpoint = ${peer.endpoint}"}
${optionalString (peer.persistentKeepalive != null) "PersistentKeepalive = ${toString peer.persistentKeepalive}"} ${optionalString (peer.persistentKeepalive != null) "PersistentKeepalive = ${toString peer.persistentKeepalive}"}

4
pkgs/os-specific/linux/wireguard/default.nix
View File

@ -6,11 +6,11 @@ assert kernel != null -> stdenv.lib.versionAtLeast kernel.version "3.10";
let let
name = "wireguard-${version}"; name = "wireguard-${version}";
version = "0.0.20170421"; version = "0.0.20170517";
src = fetchurl { src = fetchurl {
url = "https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${version}.tar.xz"; url = "https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${version}.tar.xz";
sha256 = "03c82af774224cd171d000ee4a519b5e474cc6842ac04967773cf77b26750000"; sha256 = "7303e973654a3585039f4789e89a562f807f0d6010c7787b9b69ca72aa7a6908";
}; };
meta = with stdenv.lib; { meta = with stdenv.lib; {