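# NixOS module for the NetBird client daemon.
#
# Enabling `services.netbird` installs the client package, keeps dhcpcd and
# systemd-networkd from managing the tunnel interface, and runs
# `netbird service run` as a systemd service with its state under
# /var/lib/netbird.
{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.services.netbird;
  kernel = config.boot.kernelPackages;
  # Interface exempted from dhcpcd/networkd below; presumably the daemon's
  # default tunnel interface name -- confirm if the client is configured otherwise.
  interfaceName = "wt0";
in {
  meta.maintainers = with maintainers; [ misuzu ];

  options.services.netbird = {
    enable = mkEnableOption (lib.mdDoc "Netbird daemon");
    package = mkOption {
      type = types.package;
      default = pkgs.netbird;
      defaultText = literalExpression "pkgs.netbird";
      description = lib.mdDoc "The package to use for netbird";
    };
  };

  config = mkIf cfg.enable {
    # WireGuard is in-tree from Linux 5.6; older kernels need the module package.
    boot.extraModulePackages = optional (versionOlder kernel.kernel.version "5.6") kernel.wireguard;

    # Puts the `netbird` CLI on the system PATH.
    environment.systemPackages = [ cfg.package ];

    # The daemon owns the tunnel interface; keep dhcpcd from configuring it.
    networking.dhcpcd.denyInterfaces = [ interfaceName ];

    # Same for systemd-networkd: match the interface but leave it unmanaged.
    systemd.network.networks."50-netbird" = mkIf config.networking.useNetworkd {
      matchConfig = {
        Name = interfaceName;
      };
      linkConfig = {
        Unmanaged = true;
        ActivationPolicy = "manual";
      };
    };

    # No User= or sandboxing directives are set, so the daemon runs as root
    # with systemd's default (unrestricted) service environment.
    # NOTE(review): further hardening (capability bounding, filesystem
    # protection) needs testing against the daemon's interface and resolver
    # management before it is enabled here.
    systemd.services.netbird = {
      description = "A WireGuard-based mesh network that connects your devices into a single private network";
      documentation = [ "https://netbird.io/docs/" ];
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      path = with pkgs; [
        openresolv
      ];
      serviceConfig = {
        Environment = [
          "NB_CONFIG=/var/lib/netbird/config.json"
          "NB_LOG_FILE=console"
        ];
        ExecStart = "${cfg.package}/bin/netbird service run";
        Restart = "always";
        RuntimeDirectory = "netbird";
        StateDirectory = "netbird";
        # NB_CONFIG lives in the state directory and is expected to hold the
        # client's key material. systemd creates StateDirectory with mode 0755
        # by default, so restrict it to the service user.
        StateDirectoryMode = "0700";
        WorkingDirectory = "/var/lib/netbird";
      };
      unitConfig = {
        # Stop restarting after 10 start attempts within 5 seconds.
        StartLimitInterval = 5;
        StartLimitBurst = 10;
      };
      # Do not stop the unit first when its definition changes during a
      # configuration switch.
      stopIfChanged = false;
    };
  };
}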