fixed wireguard \o/

hosts/network.nix

@@ -5,12 +5,6 @@
 }: let
   prefix = "lyn";
 
-  #subnets routed through wireguard
-  wg_subnets = {
-    IPv4 = "10.35.0.0/24";
-    IPv6 = "fd1a:acab:cafe:1337::/64";
-  };
-
   #hosts are defined here
   hosts = {
     wg-gateway = {
@@ -19,12 +13,12 @@
         pubkey = "Fknzk7lltkPKJZlF3KXWKGQXXSj7CUD9ev0ZEZtpbjY=";
         port = 51820;
       };
-      v4 = {
+      IPv4 = {
         public = "78.47.226.47";
         # we use 10.35.0.0/16 as a range for private subnets, specifically 10.35.0.0/24 for wireguard peers
         internal = "10.35.0.3";
       };
-      v6 = {
+      IPv6 = {
         public = "2a01:4f8:1c1b:d2db::";
         # 1aacabcafe is the global ID and 1337 is the wireguard peer subnet ID, resulting in the ULA fd1a:acab:cafe:1337::/64
         internal = "fd1a:acab:cafe:1337:8f4c:68cd::";
@@ -36,12 +30,12 @@
         pubkey = "jdfbOnP0mFWFobtQunm0h6EtqOZiar9G9jngMU7b+Co=";
         port = 51820;
       };
-      v4 = {
+      IPv4 = {
         public = "";
         # we use 10.35.0.0/16 as a range for private subnets, specifically 10.35.0.0/24 for wireguard peers
         internal = "10.35.0.2";
       };
-      v6 = {
+      IPv6 = {
         public = "";
         # 1aacabcafe is the global ID and 1337 is the wireguard peer subnet ID, resulting in the ULA fd1a:acab:cafe:1337::/64
         internal = "fd1a:acab:cafe:1337:6722:3657::";
@@ -51,15 +45,6 @@
 in {
   options = {
     ${prefix} = {
-      network.wg_subnets.IPv4 = lib.mkOption {
-        type = lib.types.str;
-        description = "The IPv6 range that wireguard peers will use";
-      };
-      network.wg_subnets.IPv6 = lib.mkOption {
-        type = lib.types.str;
-        description = "The IPv4 range that wireguard peers will use";
-      };
-
       # defining the entire hosts part as a module
       network.hosts = lib.mkOption {
         type = lib.types.attrsOf (lib.types.submodule {
@@ -86,7 +71,7 @@ in {
               };
               description = "WireGuard configuration";
             };
-            v4 = lib.mkOption {
+            IPv4 = lib.mkOption {
               type = lib.types.submodule {
                 options = {
                   public = lib.mkOption {
@@ -103,7 +88,7 @@ in {
               description = "IPv4 configuration";
               default = {};
             };
-            v6 = lib.mkOption {
+            IPv6 = lib.mkOption {
               type = lib.types.submodule {
                 options = {
                   public = lib.mkOption {
@@ -130,12 +115,12 @@ in {
 
   config = {
     ${prefix}.network = {
-      inherit hosts wg_subnets;
+      inherit hosts;
     };
     assertions = [
       {
-        assertion = lib.any (host: host.v4 != null || host.v6 != null) (lib.attrValues hosts);
+        assertion = lib.any (host: host.IPv4 != null || host.IPv6 != null) (lib.attrValues hosts);
-        message = "At least one of v4 or v6 must be defined for each host";
+        message = "Either an IPv4 or IPv6 must be defined for each host";
       }
     ];
   };

modules/services/wgautomesh.nix

@@ -57,8 +57,8 @@ in {
     networking.wireguard.interfaces.wg0 = {
       ips =
         if cfg.useIPv6
-        then ["${meshnetwork.wg_subnets.IPv6}"]
+        then ["${currentHost.IPv6.internal}/64"]
-        else ["${meshnetwork.wg_subnets.IPv4}"];
+        else ["${currentHost.IPv4.internal}/24"];
       listenPort = wireguardPort;
       privateKeyFile = "/var/lib/wireguard-keys/private";
       mtu = 1200;
@@ -70,8 +70,8 @@ in {
         interface = "wg0";
         peers =
           if cfg.useIPv6
-          then buildPeerlist "v6" meshnetwork.hosts
+          then buildPeerlist "IPv6" meshnetwork.hosts
-          else buildPeerlist "v4" meshnetwork.hosts;
+          else buildPeerlist "IPv4" meshnetwork.hosts;
         upnp_forward_external_port = wireguardPort;
       };
       gossipSecretFile = gossip_secret_path;