Issue Tracker (As Email)
Mailing List (As Email)
Mailing List (breaking changes) (Subscribe Via Email)
Wiki (Wiki Repo)
Repo
WireNix is a Nix Flake designed to make creation of WireGuard mesh networks easier. The simplest and most likely layout is a full mesh network, but Wirenix can also support arbitrary graph topologies. This is the Wiki for Wirenix. The best way to get started with Wirenix is to read the Quickstart and then learn about the ACL format.
Due to Nix's dynamic typing, I have opted to define configurations in pseudo-TypeScript to make options more legible. I have chosen TypeScript because it looks somewhat like JSON and is easy to understand. Examples will still be given in Nix EL.
sops and age top level attributes in your config if you don't already have them. It has to do with some terrible hackery I did in wire.nix to prevent infinite recursion. If any Nix wizards out there want to send in a patch it would be much appreciated!

Sourcehut is weird, and it's my first time hosting a public repo on it. That said, issues are tracked on the issue tracker (as email), everything is set up to allow for patches through git send-email, and patches can be sent to the mailing list (as email).
Since this is a NixOS project, here's a modified excerpt from my config to get you started with git send-email (using agenix to store the password):

```nix
programs.git = {
  package = pkgs.gitAndTools.gitFull; # the full build includes git send-email
  enable = true;
  userName = "Your Name";
  userEmail = "your-email@example.com";
  # SMTP settings are read from the file agenix decrypts at activation,
  # so the password never has to appear in the Nix configuration itself.
  includes = [ { path = "/run/agenix/git-mail"; } ];
};
```

secrets/git-mail (decrypted):

```ini
[sendemail]
    smtpEncryption = ssl
    smtpServer = smtp.example.com
    smtpServerPort = 465
    smtpUser = your-email@example.com
    smtpPass = ******************
```
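
The excerpt above expects a decrypted file at `/run/agenix/git-mail` but does not show how it gets there. The following is an added example, not taken from the Wirenix repo or the author's config: it assumes the agenix NixOS module is imported, home-manager is used as a NixOS module, the login user is `alice`, and the encrypted file is stored as `./secrets/git-mail.age` (all placeholders).

```nix
# Added example: declares the agenix secret that the git include points at.
# "alice", "users" and ./secrets/git-mail.age are assumed placeholder names.
{ config, pkgs, ... }:
{
  age.secrets.git-mail = {
    # Only the age-encrypted ciphertext is referenced here, so only ciphertext
    # is copied into the world-readable Nix store.
    file = ./secrets/git-mail.age;
    # agenix secrets are root-owned by default; git send-email runs as the
    # user, so ownership has to be handed over explicitly.
    owner = "alice";
    group = "users";
    mode = "0400"; # owner read-only, no group or world access
  };

  home-manager.users.alice.programs.git = {
    enable = true;
    package = pkgs.gitFull;
    userName = "Your Name";
    userEmail = "your-email@example.com";
    # Refer to the secret's runtime path instead of hard-coding it, so a
    # renamed or missing secret fails at evaluation rather than at send time.
    includes = [ { path = config.age.secrets.git-mail.path; } ];
  };
}
```

Writing `smtpPass` directly into the Nix-managed git settings instead would place the cleartext password in the Nix store, where every local user can read it.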
Wirenix was built with a lot of features in mind, and the testing is lagging behind. The current priority is fixing bugs and adding tests. This list is not exhaustive, but will be updated as I think of or find certain edge cases and features that need testing.
🚨 = Untested : 🚧 = Manually Confirmed : ✅ = Test Case Written
Test Case | Status |
---|---|
Connecting peers in a subnet by subnet | ✅ |
Connecting peers in a subnet by peer | ✅ |
Automatic IP addresses | ✅ |
Static network configuration | ✅ |
Networkd configuration | ✅ |
ACL key provider | ✅ |
Manually assigning IP addresses | ✅ |
Multiple interfaces for one subnet | ✅ |
Writing custom Configurers | 🚧 |
Writing custom Key Providers | 🚧 |
Writing custom parsers | 🚧 |
Connecting peers in a subnet by group | 🚧 |
Connecting peer to multiple subnets | 🚧 |
Endpoint Filter Rules | 🚧 |
Parallel subnets don't interfere | 🚧 |
Agenix-rekey key provider | 🚧 |
Using multiple key providers | 🚧 |
Connecting to non-wirenix peer | 🚨 |
Merging with manual network config (e.g. adding static routes) | 🚨 |
This project is licensed under the MPL 2.0
commit 0d0bc492b2a0104df20d8c819fdbdd1638a97b97 Author: Matthew Salerno <m@salernosection.com> Date: 2024-03-25T00:03:16-04:00 formatting