From 4a76097a5ea510afab43260165da514eaa171925 Mon Sep 17 00:00:00 2001
From: Tom Alexander
Date: Fri, 24 Jan 2025 17:41:12 -0500
Subject: [PATCH] Refactor the wireguard role to use lib.mkMerge.
---
 nix/configuration/hosts/neelix/default.nix | 3 ++
 nix/configuration/hosts/odo/default.nix | 6 +++
 nix/configuration/roles/wireguard/default.nix | 40 +++++++++++++------
 3 files changed, 36 insertions(+), 13 deletions(-)
diff --git a/nix/configuration/hosts/neelix/default.nix b/nix/configuration/hosts/neelix/default.nix
index d11b62f..82a3a47 100644
--- a/nix/configuration/hosts/neelix/default.nix
+++ b/nix/configuration/hosts/neelix/default.nix
@@ -30,6 +30,9 @@
 me.kodi.enable = true;
 me.lvfs.enable = true;
 me.sound.enable = true;
+ me.wireguard.activated = [ "wgh" ];
+ me.wireguard.deactivated = [ "wgf" ];
 me.zrepl.enable = true;
 me.zsh.enable = true;
+
 }
diff --git a/nix/configuration/hosts/odo/default.nix b/nix/configuration/hosts/odo/default.nix
index 7a15d09..9d30f9e 100644
--- a/nix/configuration/hosts/odo/default.nix
+++ b/nix/configuration/hosts/odo/default.nix
@@ -57,6 +57,12 @@
 me.vscode.enable = true;
 me.wasm.enable = true;
 me.waybar.enable = true;
+ me.wireguard.activated = [
+ "drmario"
+ "wgh"
+ "colo"
+ ];
+ me.wireguard.deactivated = [ "wgf" ];
 me.zrepl.enable = true;
 me.zsh.enable = true;
 }
diff --git a/nix/configuration/roles/wireguard/default.nix b/nix/configuration/roles/wireguard/default.nix
index ccd103c..0826471 100644
--- a/nix/configuration/roles/wireguard/default.nix
+++ b/nix/configuration/roles/wireguard/default.nix
@@ -4,7 +4,6 @@
 pkgs,
 ...
 }:
-
 let
 activatedWg = name: {
 networking.wg-quick.interfaces."${name}".configFile = "/persist/manual/wireguard/${name}.conf";
@@ -29,21 +28,36 @@ let
 autostart = false;
 };
 };
- wgConfig = lib.attrsets.recursiveUpdate (lib.attrsets.recursiveUpdate (lib.attrsets.recursiveUpdate
- (lib.attrsets.recursiveUpdate {
- networking.firewall.allowedUDPPorts = [ 51821 ];
- networking.wireguard.enable = true;
- } (activatedWg "drmario"))
- (activatedWg "wgh")
- ) (activatedWg "colo")) (deactivatedWg "wgf");
+ wireguard_enable = (config.me.wireguard.activated != [ ] || config.me.wireguard.deactivated != [ ]);
 in
 {
 imports = [ ];
- config = lib.mkIf (!config.me.buildingIso) wgConfig;
-
- # environment.systemPackages = with pkgs; [
- # wireguard-tools
- # ];
+ options.me = {
+ wireguard.activated = lib.mkOption {
+ type = lib.types.listOf lib.types.str;
+ default = false;
+ example = true;
+ description = "List of wireguard config names that should be activated at boot.";
+ };
+ wireguard.deactivated = lib.mkOption {
+ type = lib.types.listOf lib.types.str;
+ default = false;
+ example = true;
+ description = "List of wireguard config names that are not activated at boot but can be manually activated later.";
+ };
+ };
+ config = lib.mkIf wireguard_enable (
+ lib.mkMerge [
+ {
+ networking.firewall.allowedUDPPorts = [ 51821 ];
+ networking.wireguard.enable = true;
+ }
+ (activatedWg "drmario")
+ (activatedWg "wgh")
+ (activatedWg "colo")
+ (deactivatedWg "wgf")
+ ]
+ );
 }
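Review bot: The merged list in `config` still hard-codes `(activatedWg "drmario")`, `(activatedWg "wgh")`, `(activatedWg "colo")` and `(deactivatedWg "wgf")`, so the new `me.wireguard.activated` / `me.wireguard.deactivated` lists only gate the role through `wireguard_enable` and never select interfaces; a host that lists only "wgh" (neelix in this patch) still gets all three tunnels set up as activated. Derive the interfaces from the option values under a fixed option path, for example `networking.wg-quick.interfaces = lib.genAttrs config.me.wireguard.activated (name: { configFile = "/persist/manual/wireguard/${name}.conf"; });`, rather than `lib.mkMerge (map activatedWg …)` at the top of `config`, which makes the module's attribute names depend on `config` and tends to end in infinite recursion. Both options also declare `default = false;` and `example = true;` against `lib.types.listOf lib.types.str`: `false` is not a list and `false != [ ]` is true, so hosts that set neither list (presumably including the ISO build that the removed `!config.me.buildingIso` guard covered) do not get an empty default; use `default = [ ];` with a list-valued example. The bodies of activatedWg and deactivatedWg lie mostly outside this hunk, so any further settings they carry need the same per-name treatment.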