From 3d1b8e9ddfbd23766d03cc2f418cf9b9eb76902d Mon Sep 17 00:00:00 2001
From: Patrick Spek
Date: Mon, 24 Apr 2023 15:56:54 +0200
Subject: Fix minor issues with tinc
There's still two major issues to make this work, sadly.
First and foremost, tincd does not seem to have any access to the
private keys generated at the start. I'm unsure why this is the case, as
they're generated as documented in the wiki.
Secondly, the vpn-tinc.nix currently contains the tinc-up script with a
hardcoded IP. This should be done in a different manner to ensure it
takes over the IP from configuration.nix.
---
data.d/etc-nixos/apps/vpn-tinc.nix | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
(limited to 'data.d/etc-nixos/apps/vpn-tinc.nix')
diff --git a/data.d/etc-nixos/apps/vpn-tinc.nix b/data.d/etc-nixos/apps/vpn-tinc.nix
index 7fcb964..c15bad4 100644
--- a/data.d/etc-nixos/apps/vpn-tinc.nix
+++ b/data.d/etc-nixos/apps/vpn-tinc.nix
@@ -28,7 +28,7 @@
networking = {
firewall = {
- allwedUDPPorts = [ 655 ];
+ allowedUDPPorts = [ 655 ];
allowedTCPPorts = [ 655 ];
};
};
@@ -40,17 +40,15 @@
{
command = "${pkgs.nettools}/bin/ifconfig";
options = [ "NOPASSWD" ];
- },
+ }
];
- },
+ }
];
services = {
tinc = {
networks = {
tyilnet = {
- name = "tyilnet";
-
debugLevel = 3;
chroot = false;
interfaceType = "tap";
--
cgit v1.1