Modules/Network: Remove wireguard configuration options

2025-07-10 22:26:40 +02:00
parent da5d120efe
commit 257060a6c2
5 changed files with 2 additions and 147 deletions
--- a/system/modules/network/default.nix
+++ b/system/modules/network/default.nix
@ -44,38 +44,8 @@ in {
      inherit (cfg) networks;
    };

-    # Wireguard VPNs
-    systemd.services = mkIf (!cfg.useNetworkManager) cfg.wireguard-tunnels;
-
-    # NOTE: I can connect to TU Dortmund directly
-    # TODO: Use config with netns, like with wireguard
-    # services.openvpn.servers = {
-    #   # TODO: Can't read config file...
-    #   tu-dortmund-irb = {
-    #     autoStart = false;
-    #     config = "config ~/NixFlake/config/openvpn/tu-dortmund-irb.ovpn";
-    #   };
-    # };
-
-    # TODO: Rewrite with lib.pipe
-    # Generate list of vpns for rofi menu
-    environment.etc."rofi-vpns" = let
-      names-list = attrNames cfg.wireguard-tunnels;
-      names = concatStringsSep "\n" names-list;
-    in
-      mkIf (!cfg.useNetworkManager) {text = names;};
-
-    # Allow to enable/disable tunnels without root password
-    modules.polkit.allowedSystemServices = let
-      vpn-services = lib.pipe cfg.wireguard-tunnels [
-        attrNames
-        (map (v: "${v}.service"))
-      ];
-    in
-      mkIf (!cfg.useNetworkManager) vpn-services;
-
    modules.polkit.allowedActions = mkIf cfg.useNetworkManager [
-      # NOTE: List permissions by running "nmcli general permissions"
+      # List NM permissions by running "nmcli general permissions"
      "org.freedesktop.NetworkManager.settings.modify.system"
    ];

--- a/system/modules/network/options.nix
+++ b/system/modules/network/options.nix
@ -41,17 +41,6 @@ with mylib.modules; {
    '';
  };

-  wireguard-tunnels = mkOption {
-    type = types.attrs;
-    default = {};
-    description = "Wireguard VPN Tunnels";
-    example = ''
-      wg0-de-115 = {
-        [...]
-      };
-    '';
-  };
-
  allowedTCPPorts = mkOption {
    type = types.listOf types.int;
    default = [];
--- a/system/nixinator/default.nix
+++ b/system/nixinator/default.nix
@ -72,43 +72,6 @@
        8090 # PocketBase
        4242 # Lan-Mouse
      ];
-
-      wireguard-tunnels = {
-        wg0-de-115 =
-          mylib.networking.mkWireguardService
-          "wg0-de-115"
-          "proton-de-115.key"
-          "9+CorlxrTsQR7qjIOVKsEkk8Z7UUS5WT3R1ccF7a0ic="
-          "194.126.177.14";
-
-        wg0-de-205 =
-          mylib.networking.mkWireguardService
-          "wg0-de-205"
-          "proton-de-205.key"
-          "MOLPnnM2MSq7s7KqAgpm+AWpmzFAtuE46qBFHeLg5Tk="
-          "217.138.216.130";
-
-        wg0-lu-16 =
-          mylib.networking.mkWireguardService
-          "wg0-lu-16"
-          "proton-lu-16.key"
-          "asu9KtQoZ3iKwELsDTgjPEiFNcD1XtgGgy3O4CZFg2w="
-          "92.223.89.133";
-
-        wg0-kh-8 =
-          mylib.networking.mkWireguardService
-          "wg0-kh-8"
-          "proton-kh-8.key"
-          "D4M0O60wCBf1nYWOmXRfK7IpgG7VBBwQLeWVFLIqFG4="
-          "188.215.235.82";
-
-        wg0-ch-70 =
-          mylib.networking.mkWireguardService
-          "wg0-ch-70"
-          "proton-ch-70.key"
-          "17I34jHOMcmI7LKBqxosTfLgwGjO5OKApLcRSPlyymM="
-          "185.159.157.13";
-      };
    };
  };

--- a/system/nixtop/default.nix
+++ b/system/nixtop/default.nix
@ -9,21 +9,7 @@
    network = {
      useNetworkManager = true;

-      wireguard-tunnels = {
-        wg0-de-74 =
-          mylib.networking.mkWireguardService
-          "wg0-de-74"
-          "proton-de-74.key"
-          "fvHmPj3wAKolN80+/KJ3a/DFjMToCsr3iPGwX8+og1g="
-          "194.126.177.7";
-
-        wg0-lu-6 =
-          mylib.networking.mkWireguardService
-          "wg0-lu-6"
-          "proton-lu-6.key"
-          "EAZS8FTE2sXm8NFD8ViqcO5PMzvnyIHD1ScxX8UxIzE="
-          "92.223.89.141";
-      };
+      # TODO: There's probably something missing here?
    };
  };