From 17883f68dd0ddcb9813add65559bcc95009148fc Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sat, 6 Jan 2018 23:44:03 +0100
Subject: ma vbob.r: set route after network online

---
 makefu/1systems/vbob/config.nix | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)

(limited to 'makefu')

diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix
index d4b80c90..ffd9deae 100644
--- a/makefu/1systems/vbob/config.nix
+++ b/makefu/1systems/vbob/config.nix
@@ -52,24 +52,21 @@
       <stockholm/makefu/2configs/tinc/retiolum.nix>
       (let
         gum-ip = config.krebs.hosts.gum.nets.internet.ip4.addr;
-        Gateway = "10.0.2.2";
+        gateway = "10.0.2.2";
       in {
-        networking.localCommands = ''
-          ip route add ${gum-ip} via ${Gateway}
-        '';
-
+        # make sure the route to gum gets added after the network is online
+        systemd.services.wireguard-wg0.after = [ "network-online.target" ];
         networking.wireguard.interfaces.wg0 = {
           ips = [ "10.244.0.3/24" ];
           privateKeyFile = (toString <secrets>) + "/wireguard.key";
-          allowedIPsAsRoutes = true;
           # explicit route via eth0 to gum
+          preSetup = ["${pkgs.iproute}/bin/ip route add ${gum-ip} via ${gateway}"];
           peers = [
-          {
-            # gum
+          { # gum
             endpoint = "${gum-ip}:51820";
-            # allowedIPs = [ "10.244.0.0/24" ];
-            allowedIPs = [ "0.0.0.0/0" ];
+            allowedIPs = [ "0.0.0.0/0" "10.244.0.0/24" ];
             publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo=";
+            persistentKeepalive = 25;
           }
           ];
         };
-- 
cgit v1.2.3