diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/networking/wireguard.nix')
-rw-r--r-- | nixpkgs/nixos/modules/services/networking/wireguard.nix | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/nixpkgs/nixos/modules/services/networking/wireguard.nix b/nixpkgs/nixos/modules/services/networking/wireguard.nix index e8f83f6dd8b..e07020349cf 100644 --- a/nixpkgs/nixos/modules/services/networking/wireguard.nix +++ b/nixpkgs/nixos/modules/services/networking/wireguard.nix @@ -91,11 +91,13 @@ let table = mkOption { default = "main"; type = types.str; - description = ''The kernel routing table to add this interface's - associated routes to. Setting this is useful for e.g. policy routing - ("ip rule") or virtual routing and forwarding ("ip vrf"). Both numeric - table IDs and table names (/etc/rt_tables) can be used. Defaults to - "main".''; + description = '' + The kernel routing table to add this interface's + associated routes to. Setting this is useful for e.g. policy routing + ("ip rule") or virtual routing and forwarding ("ip vrf"). Both + numeric table IDs and table names (/etc/rt_tables) can be used. + Defaults to "main". + ''; }; peers = mkOption { @@ -174,7 +176,7 @@ let example = "/private/wireguard_psk"; type = with types; nullOr str; description = '' - File pointing to preshared key as generated by <command>wg pensk</command>. + File pointing to preshared key as generated by <command>wg genpsk</command>. Optional, and may be omitted. This option adds an additional layer of symmetric-key cryptography to be mixed into the already existing public-key cryptography, for post-quantum resistance. @@ -217,7 +219,6 @@ let }; - generatePathUnit = name: values: assert (values.privateKey == null); assert (values.privateKeyFile != null); |