From cb89eb19d205f1cbbf48a3a1bfb71d70cb48d9bf Mon Sep 17 00:00:00 2001
From: Alexander Bantyev <balsoft@balsoft.ru>
Date: Tue, 30 Mar 2021 23:46:13 +0300
Subject: [PATCH] Don't start wireguard on boot

---
 modules/ezwg.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/modules/ezwg.nix b/modules/ezwg.nix
index 0a6978c..ca521d2 100644
--- a/modules/ezwg.nix
+++ b/modules/ezwg.nix
@@ -40,6 +40,17 @@ in {
   };
   config = mkIf cfg.enable {
     networking.firewall.checkReversePath = false;
+    systemd.services.wireguard-wg0.wantedBy = lib.mkForce [ ];
+    systemd.paths.wireguard-wg0.wantedBy = lib.mkForce [ ];
+    systemd.services."wireguard-wg0-peer-${
+      lib.replaceChars [ "/" "-" " " "+" "=" ] [
+        "-"
+        "\\x2d"
+        "\\x20"
+        "\\x2b"
+        "\\x3d"
+      ] cfg.serverKey
+    }".wantedBy = lib.mkForce [ ];
     networking.wireguard.interfaces.wg0 = let
       generateRangesScript =
         builtins.toFile "exclusionary-wildcard-ranges-generator.py" ''