services: wireguard: Make the private-key field optional.

Users who retrieve the private-key via a PreUp field need to be able to disable the default retrieval mechanism. * gnu/services/vpn.scm (<wireguard-configuration>)[private-key]: Change comment. (wireguard-configuration-file): Conditionally serialize private-key. * gnu/services/vpn.scm (wireguard-activation): Do not create private-key if the field is #f. * doc/guix.texi (VPN Services)[wireguard-configuration]: Document it. Change-Id: Iac419809ae94eb76e97ff1f1749e2f4b3e65bb04 Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
author: Richard Sent <richard@freakingpenguin.com> 2024-12-04 15:59:33 -0500
committer: Mathieu Othacehe <othacehe@gnu.org> 2024-12-06 20:09:28 +0100
commit: aa12068c91d40c568a44c8d2e36d2ee88ce79d84 (patch)
tree: 443991057a1a3c07128ef804d1b8d6e6897eae03 /doc
parent: d101a6275ac4ee287859349a77c08d43e98a4c88 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index f43cb53990..fa9a147bd0 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -34626,7 +34626,9 @@ an mcron time specification (@pxref{Guile Syntax,,,mcron}).
 
 @item @code{private-key} (default: @code{"/etc/wireguard/private.key"})
 The private key file for the interface.  It is automatically generated
-if the file does not exist.
+if the file does not exist.  If this field is @code{#f}, a private key
+is not automatically created and the path is not serialized to the
+configuration file.
 
 @item @code{peers} (default: @code{'()})
 The authorized peers on this interface.  This is a list of
author	Richard Sent <richard@freakingpenguin.com>	2024-12-04 15:59:33 -0500
committer	Mathieu Othacehe <othacehe@gnu.org>	2024-12-06 20:09:28 +0100
commit	aa12068c91d40c568a44c8d2e36d2ee88ce79d84 (patch)
tree	443991057a1a3c07128ef804d1b8d6e6897eae03 /doc
parent	d101a6275ac4ee287859349a77c08d43e98a4c88 (diff)