Hi Tobias,
On Tue, Nov 29, 2022 at 08:34:44PM +0100, Tobias Geerinckx-Rice wrote:
> Hi Timo,
>
> Timo Wilken 写道:
> > I'm trying to patch the `wireguard-service-type' to accept pre-shared
> > keys and add them to the generated config. This all seems to work
> > fine, except that I can't get guix
Hi Timo,
Timo Wilken 写道:
I'm trying to patch the `wireguard-service-type' to accept
pre-shared
keys and add them to the generated config. This all seems to
work
fine, except that I can't get guix to generate a
non-world-readable
configuration file.
Alas (for your plans), this is not
Hi Julien,
Thanks! It did seem slightly odd to me how `wireguard-service-type'
set the private key in a bit of a roundabout way, by referring to an
external file. I'll try and set the pre-shared keys the same way.
Cheers,
Timo
On Tue, Nov 29, 2022 at 08:34:21PM +0100, Julien Lepiller wrote:
>
Hi Timo,
Files in the store are always world-readable and there's nothing you can do to
change that. There has been discussions in the past about how to handle secrets
in the store, but no solution so far.
One thing you can do, if wireguard allows it, is to have the pre-shared key in
a
Hi Guixers,
I'm trying to patch the `wireguard-service-type' to accept pre-shared
keys and add them to the generated config. This all seems to work
fine, except that I can't get guix to generate a non-world-readable
configuration file.
I've tried adding a `(chmod port #o400)' call to the end of