Merge pull request #30 from axelsimon/nixos-peer-conf

Add a NixOS peer config template / generator.

add.go

@@ -65,6 +65,40 @@ set interfaces wireguard {{ .Wgif }} peer {{ .DsnetConfig.PrivateKey.PublicKey.K
 commit; save
 `
 
+const nixosPeerConf = `networking.wireguard.interfaces = {{ "{" }}
+  dsnet = {{ "{" }}
+    ips = [
+      {{ if gt (.DsnetConfig.Network.IPNet.IP | len) 0 -}}
+      "{{ .Peer.IP }}/{{ .CidrSize }}"
+      {{ end -}}
+      {{ if gt (.DsnetConfig.Network6.IPNet.IP | len) 0 -}}
+      "{{ .Peer.IP6 }}/{{ .CidrSize6 }}"
+      {{ end -}}
+    ];
+    privateKey = "{{ .Peer.PrivateKey.Key }}";
+    {{- if .DsnetConfig.DNS }}
+    dns = [ "{{ .DsnetConfig.DNS }}" ];
+    {{ end }}
+    peers = [
+      {{ "{" }}
+        publicKey = "{{ .DsnetConfig.PrivateKey.PublicKey.Key }}";
+        presharedKey = "{{ .Peer.PresharedKey.Key }}";
+        allowedIPs = [
+          {{ if gt (.DsnetConfig.Network.IPNet.IP | len) 0 -}}
+          "{{ .DsnetConfig.Network }}"
+          {{ end -}}
+          {{ if gt (.DsnetConfig.Network6.IPNet.IP | len) 0 -}}
+          "{{ .DsnetConfig.Network6 }}"
+          {{ end -}}
+        ];
+        endpoint = "{{ .Endpoint }}:{{ .DsnetConfig.ListenPort }}";
+        persistentKeepalive = {{ .Keepalive }};
+      {{ "}" }}
+    ];
+  {{ "};" }}
+{{ "};" }}
+`
+
 func Add() {
 	if len(os.Args) != 3 {
 		// TODO non-red
@@ -126,6 +160,9 @@ func PrintPeerCfg(peer PeerConfig, conf *DsnetConfig) {
 	// https://github.com/WireGuard/wireguard-vyatta-ubnt/
 	case "vyatta":
 		peerConf = vyattaPeerConf
+	// https://nixos.wiki/wiki/Wireguard
+	case "nixos":
+		peerConf = nixosPeerConf
 	default:
 		ExitFail("Unrecognised DSNET_OUTPUT type")
 	}

cmd/dsnet.go

@@ -62,6 +62,7 @@ Environment variables:
 
 	DSNET_OUTPUT=wg-quick : The add command will generate a wg-quick config (default)
 	DSNET_OUTPUT=vyatta   : The add command will generate a vyatta (edgeos) config
+	DSNET_OUTPUT=nixos    : The add command will generate a NixOS config
 
 dsnet version %[2]s
 commit %[3]s