nixos-configs/devices/nas/modules/arion/wg-easy/compose.nix

{config, ...}: let
  inherit (config.arion) rwDataDir;

  rwPath = rwDataDir + "/wg-easy";
in {
  arion.projects."wg-easy"."wg-easy" = {
    image = ./images/wg-easy.nix;
    restart = "always";
    privileged = true;

    capabilities = {
      NET_ADMIN = true;
      SYS_MODULE = true;
    };

    sysctls = {
      "net.ipv4.ip_forward" = 1;
      "net.ipv4.conf.all.src_valid_mark" = 1;
    };

    dns = ["1.0.0.1"];

    environment = {
      WG_HOST = "166.62.179.208";
      WG_PORT = "51820";
      WG_DEFAULT_ADDRESS = "10.6.0.x";
      WG_DEFAULT_DNS = "1.0.0.1";
    };

    volumes =[
       "${rwPath}/data:/etc/wireguard"
    ];

    ports = [
      "53:51820/udp"
      "51822:51820/udp"
      "51821:51821/tcp"
    ];
  };
}
feat(arion): migrate wg-easy 2024-02-28 13:43:07 -05:00			`{config, ...}: let`
			`inherit (config.arion) rwDataDir;`

			`rwPath = rwDataDir + "/wg-easy";`
			`in {`
			`arion.projects."wg-easy"."wg-easy" = {`
			`image = ./images/wg-easy.nix;`
			`restart = "always";`
			`privileged = true;`

			`capabilities = {`
			`NET_ADMIN = true;`
			`SYS_MODULE = true;`
			`};`

			`sysctls = {`
			`"net.ipv4.ip_forward" = 1;`
			`"net.ipv4.conf.all.src_valid_mark" = 1;`
			`};`

			`dns = ["1.0.0.1"];`

			`environment = {`
			`WG_HOST = "166.62.179.208";`
			`WG_PORT = "51820";`
			`WG_DEFAULT_ADDRESS = "10.6.0.x";`
			`WG_DEFAULT_DNS = "1.0.0.1";`
			`};`

			`volumes =[`
			`"${rwPath}/data:/etc/wireguard"`
			`];`

			`ports = [`
			`"53:51820/udp"`
			`"51822:51820/udp"`
			`"51821:51821/tcp"`
			`];`
			`};`
			`}`