From e6c6bd012ffa4502dc399a8be462bdaf6996f791 Mon Sep 17 00:00:00 2001
From: Lillian-Violet <git@lillianviolet.dev>
Date: Wed, 20 Aug 2025 14:30:52 +0200
Subject: [PATCH] make a little service to start the VPN only after network is
 connected to hopefully fix the VPN blocking wifi on shodan issue

---
 nixos/shared/default.nix | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/nixos/shared/default.nix b/nixos/shared/default.nix
index 3730051..0cef737 100644
--- a/nixos/shared/default.nix
+++ b/nixos/shared/default.nix
@@ -188,6 +188,23 @@
     };
   };
 
+  systemd.services."start-vpn-wg" =
+    if config.services.vpn-ip.enable
+    then {
+      path = with pkgs; [systemd];
+      enable = true;
+      unitConfig = {
+        Wants = "network-online.target";
+        After = "network-online.target";
+      };
+      serviceConfig = {
+        Type = "oneshot";
+        ExecStart = "${pkgs.systemd}/bin/systemctl start wg-quick-wg0.service";
+        RemainAfterExit = "yes";
+      };
+    }
+    else {};
+
   networking =
     if config.services.vpn-ip.enable
     then {
@@ -195,7 +212,7 @@
 
       wg-quick.interfaces = {
         wg0 = {
-          autostart = true;
+          autostart = false;
           address = ["10.0.0.${config.services.vpn-ip.ip}/24" "fdc9:281f:04d7:9ee9::${config.services.vpn-ip.ip}/64"];
           dns = ["10.0.0.1" "fdc9:281f:04d7:9ee9::1"];
           listenPort = 51821;