Configuration for yggdrasil, as a structured Nix attribute set.
If you specify settings here, they will be used as persistent configuration and Yggdrasil will retain the same configuration (including IPv6 address if keys are provided) across restarts.
If no settings are specified, ephemeral keys are generated and the Yggdrasil interface will have a random IPv6 address each time the service is started.
Use settings.PrivateKeyPath to securely load private keys from files owned by root via systemd credentials.
The most important options have dedicated NixOS options above. You can also specify any other yggdrasil configuration option directly.
For a complete list of available options, see: https://yggdrasil-network.github.io/configurationref.html
You can use the command nix-shell -p yggdrasil --run "yggdrasil -genconf" to generate default configuration values with documentation.
open submodule of (attribute set){ }{
IfMTU = 65535;
IfName = "ygg0";
Listen = [
"tcp://0.0.0.0:xxxxx"
];
Peers = [
"tcp://aa.bb.cc.dd:eeeee"
"tcp://[aaaa:bbbb:cccc:dddd::eeee]:fffff"
];
PrivateKeyPath = "/run/secrets/yggdrasil-key";
}