From 56ba8d06cd8003bf52d5efde32914e86199ca354 Mon Sep 17 00:00:00 2001
From: kalipso <kalipso@c3d2.de>
Date: Wed, 25 Dec 2024 22:33:48 +0100
Subject: [PATCH] [malobeo/vpn] do not autostart wg interface on clients

---
 machines/modules/malobeo/wireguard.nix | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/machines/modules/malobeo/wireguard.nix b/machines/modules/malobeo/wireguard.nix
index 36fde4fc..81f4bb35 100644
--- a/machines/modules/malobeo/wireguard.nix
+++ b/machines/modules/malobeo/wireguard.nix
@@ -30,6 +30,12 @@ in
         description = lib.mdDoc "Setup wireguard to access malobeo maintainance vpn";
       };
 
+      autostart = mkOption {
+        default = true;
+        type = types.bool;
+        description = lib.mdDoc "whether to autostart vpn interface on boot";
+      };
+
       name = mkOption {
         default = "";
         type = types.str;
@@ -62,6 +68,7 @@ in
       interfaces = {
         malovpn = {
           address = myPeer.address;
+          autostart = cfg.autostart;
           listenPort = mkIf (myPeer.role == "server") myPeer.listenPort;
 
           # This allows the wireguard server to route your traffic to the internet and hence be like a VPN