`networking.wireguard.enable` still not recommended?

I’m trying to set up WireGuard but I ran into problems, as you can see in my previous post:
So I’d like to know if it’s still not recommended to use `networking.wireguard.enable`, since it has this info:

> Please note that `systemd.network.netdevs` has more features and is better maintained. When building new things, it is advised to use that instead.

Yes, systemd-networkd is better maintained than the scripted networking bits below network.wireguard.

It works fine for basic setups. I think the warning should be rewritten for clarification. Using networkd for your WireGuard server might make sense, but if you have a laptop that is a client, then you might still want the WireGuard settings in your Nix configuration, without dropping NetworkManager for networkd.

I still use networking.wireguard, wrapped in my own module so I can replace it later if necessary. Switching all my systems to networkd doesn’t make sense, and the scripts in there work fine for me.

You can also ignore both of those modules and just directly create unit files for systemd, using those modules' code for reference if necessary. WireGuard is dead simple to configure; if you’re doing it for personal use, don’t overthink it (but don’t leak your keys on GitHub!)

This is tangential: I don’t want to criticize anyone for their work on NixOS, but I do wish more things could remain abstracted from systemd so that down the road we could have drop-in alternatives. Would be cool for building things like tiny system images for embedded applications (not-os is a very basic example of what’s already possible).

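An added example (not from any post in this thread and not the NixOS module's own code) of the laptop-client case and the key-leak warning raised in the replies above: a `networking.wireguard` client that keeps NetworkManager and reads its private key from a file instead of the configuration. The interface name, addresses, endpoint, key path and peer key are constructed placeholders.

```nix
# Added example; all addresses, names and keys below are placeholders.
{ ... }:
{
  # The laptop keeps NetworkManager; the scripted WireGuard module runs beside it.
  networking.networkmanager.enable = true;

  networking.wireguard.interfaces.wg0 = {
    ips = [ "10.100.0.2/24" ];

    # Weak: an inline key is copied into the world-readable /nix/store and
    # ends up in whatever git repository holds this file.
    # privateKey = "<PRIVATE-KEY-PLACEHOLDER>";

    # Better: the key lives outside the store and outside the repository.
    privateKeyFile = "/var/lib/wireguard/wg0.key";
    # Generate the key at that path on first start if it does not exist yet.
    generatePrivateKeyFile = true;

    peers = [
      {
        publicKey = "<SERVER-PUBLIC-KEY-PLACEHOLDER>";
        allowedIPs = [ "10.100.0.0/24" ];
        endpoint = "vpn.example.org:51820";
        # Keep NAT mappings alive while the laptop roams between networks.
        persistentKeepalive = 25;
      }
    ];
  };
}
```

Only the public key derived from the generated file needs to be shared with the server; the path in `privateKeyFile` should stay out of any directory that is committed or synced.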