From 73cbfc1a40b687bc370b898f81b90ebb5916f65f Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Sun, 13 Oct 2024 20:39:49 +0100 Subject: [PATCH] rexxar: don't set the Endpoint in systemd-networkd unless there is one --- ops/nixos/rexxar/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ops/nixos/rexxar/default.nix b/ops/nixos/rexxar/default.nix index f771f51ea9..8ee565ab38 100644 --- a/ops/nixos/rexxar/default.nix +++ b/ops/nixos/rexxar/default.nix @@ -109,14 +109,15 @@ ListenPort = listenPort; PrivateKeyFile = privateKey; }; - wireguardPeers = [{ + wireguardPeers = [(lib.mkMerge [{ PublicKey = publicKey; AllowedIPs = [ "0.0.0.0/0" "::/0" ]; + } (lib.mkIf (endpoint != null) { Endpoint = endpoint; - }]; + })])]; }; swannWireguard = args: wireguard (args // { privateKey = config.my.vault.secrets.wg-swann-private.path;