started wireguard wrapper

2026-04-19 09:38:06 -05:00
parent 8073125f3e
commit 904dd6e329
2 changed files with 40 additions and 31 deletions
@@ -5,7 +5,7 @@
      hostname = "john-p14s";
      homeDirectory = config.home-manager.users.john.home.homeDirectory;
      flakeDir = "${homeDirectory}/Documents/dendritic";
-      my-neovim = inputs.self.packages.${pkgs.stdenv.hostPlatform.system}.my-neovim;
+      selfPkgs = inputs.self.packages.${pkgs.stdenv.hostPlatform.system};
    in
    {
      imports = [
@@ -41,7 +41,8 @@
        busybox
        dig
        samba
-        my-neovim
+        selfPkgs.my-neovim
+        selfPkgs.wg-platform
      ];

      security.pam.services.swaylock = {};
@@ -2,39 +2,13 @@
  flake.modules.nixos.wireguard = { config, pkgs, lib, ... }:
  let
    wgInterface = "platform";
-    systemctl = lib.getExe' pkgs.systemd "systemctl";
-    journalctl = lib.getExe' pkgs.systemd "journalctl";
-
-    mkConnect = interface:
-      let
-        serviceName = "wg-quick-${interface}";
-        service = "${serviceName}.service";
-      in
-      pkgs.writeShellScriptBin "wg-connect-${interface}" ''
-        ${systemctl} start ${service}
-        start_time=$(${systemctl} show -p ActiveEnterTimestamp ${serviceName} | cut -d= -f2)
-        ${journalctl} -u ${service} --since "$start_time" --no-pager
-      '';
-    mkDisconnect = interface:
-      let
-        serviceName = "wg-quick-${interface}";
-        service = "${serviceName}.service";
-      in
-      pkgs.writeShellScriptBin "wg-disconnect-${interface}" ''
-        STOPTIME=$(${lib.getExe' pkgs.coreutils "date"} '+%Y-%m-%d %H:%M:%S')
-        ${systemctl} stop ${service}
-        start_time=$(${systemctl} show -p ActiveEnterTimestamp ${serviceName} | cut -d= -f2)
-        ${journalctl} -u ${service} --since "$STOPTIME" --no-pager
-      '';
  in
  {
    imports = [ inputs.sops-nix.nixosModules.sops ];

    environment.systemPackages = with pkgs; [
-      wireguard-tools
-      wg-netmanager
-      (mkConnect "platform")
-      (mkDisconnect "platform")
+      wireguard-tools # https://github.com/WireGuard/wireguard-tools
+      # wg-netmanager # https://github.com/gin66/wg_netmanager
    ];

    sops.secrets.wireguard_private_key = { };
@@ -56,4 +30,38 @@
      };
    };
  };
-}
+
+  perSystem = { system, pkgs, lib, ... }:
+  let
+    connect = pkgs.writeShellApplication {
+      name = "wg-platform-connect";
+      text = ''
+        sudo systemctl start wg-quick-platform.service
+        START_TIME=$(sudo systemctl show -p ActiveEnterTimestamp wg-quick-platform | cut -d= -f2)
+        journalctl -u wg-quick-platform --since "$START_TIME" --no-pager
+      '';
+    };
+
+    disconnect = pkgs.writeShellApplication {
+      name = "wg-platform-disconnect";
+      text = ''
+        STOP_TIME=$(date '+%Y-%m-%d %H:%M:%S')
+        systemctl stop wg-quick-platform.service
+        journalctl -u wg-quick-platform.service --since "$STOP_TIME" --no-pager
+      '';
+    };
+  in
+  {
+    packages.wg-platform = inputs.wrappers.lib.wrapPackage {
+      inherit pkgs;
+      runtimeInputs = with pkgs; [ coreutils systemd wireguard-tools ];
+      package = pkgs.symlinkJoin {
+        name = "wg-platform";
+        paths = [
+          connect
+          disconnect
+        ];
+      };
+    };
+  };
+}