aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKarel Kočí <cynerd@email.cz>2022-07-19 13:33:48 +0200
committerKarel Kočí <cynerd@email.cz>2022-07-19 13:33:48 +0200
commit027bcf9b43546063e62578858eee50ac278334f3 (patch)
tree1ed5e40f784941d10afc7c984a6403c2107e5cec
parent2742cf5f2cb278540740204205dbcc49bdc91b55 (diff)
downloadnixos-personal-027bcf9b43546063e62578858eee50ac278334f3.tar.gz
nixos-personal-027bcf9b43546063e62578858eee50ac278334f3.tar.bz2
nixos-personal-027bcf9b43546063e62578858eee50ac278334f3.zip
nixos: rework openvpn
-rw-r--r--flake.lock28
-rw-r--r--nixos/machine/binky.nix11
-rw-r--r--nixos/machine/ridcully.nix3
-rw-r--r--nixos/modules/openvpn.nix36
4 files changed, 49 insertions, 29 deletions
diff --git a/flake.lock b/flake.lock
index 0a39d06..b762311 100644
--- a/flake.lock
+++ b/flake.lock
@@ -16,11 +16,11 @@
},
"flake-utils_2": {
"locked": {
- "lastModified": 1656065134,
- "narHash": "sha256-oc6E6ByIw3oJaIyc67maaFcnjYOz1mMcOtHxbEf9NwQ=",
+ "lastModified": 1656928814,
+ "narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=",
"owner": "numtide",
"repo": "flake-utils",
- "rev": "bee6a7250dd1b01844a2de7e02e4df7d8a0a206c",
+ "rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249",
"type": "github"
},
"original": {
@@ -44,11 +44,11 @@
},
"nixpkgs": {
"locked": {
- "lastModified": 1657649905,
- "narHash": "sha256-gth8ki7Sme/DjUc/hXBHpn+cvQSx9oTLCXUjQbbrn3M=",
+ "lastModified": 1658150454,
+ "narHash": "sha256-dhyOQvRT8oYWN0SwsNyujohBsJqwF5W7fnhEcfgBk7E=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "09066922296d9ef06bfadb937b2560524dd10785",
+ "rev": "3110964916469ad6ed9fea72a0a3119a0959a14e",
"type": "github"
},
"original": {
@@ -93,11 +93,11 @@
]
},
"locked": {
- "lastModified": 1656748427,
- "narHash": "sha256-n53tR4ZpKC3YBbLvFkTIxB0aJRl85YfFerJI3pKTnio=",
+ "lastModified": 1658079384,
+ "narHash": "sha256-olmeJLvuCEY+IU4jtnKVUM1sGwi70+zqlMrFHtnBNdE=",
"ref": "refs/heads/master",
- "rev": "e7e8404b2c04e7b361ff72d81d6273bd13d40800",
- "revCount": 26,
+ "rev": "12747ad801b7f4cf90a1716db5547bb0fb3b72a0",
+ "revCount": 29,
"type": "git",
"url": "https://git.cynerd.cz/nixturris"
},
@@ -108,11 +108,11 @@
},
"personal-secret": {
"locked": {
- "lastModified": 1655473825,
- "narHash": "sha256-lG/h0oOCMToprLdm1hNB97rXGzIaoqqhWEEPXBexH64=",
+ "lastModified": 1658221229,
+ "narHash": "sha256-+dpsauDVyKt5wRo0jCD9vvEJL5TDdf7IabX3RQKbRjQ=",
"ref": "refs/heads/master",
- "rev": "988d0672e12f63b4e8ac95cadcf00e5986c0e7e3",
- "revCount": 19,
+ "rev": "bbc74448642373618dedb1e9fa180720fab70cbf",
+ "revCount": 22,
"type": "git",
"url": "ssh://git@cynerd.cz/nixos-personal-secret"
},
diff --git a/nixos/machine/binky.nix b/nixos/machine/binky.nix
index c7e319a..7be8017 100644
--- a/nixos/machine/binky.nix
+++ b/nixos/machine/binky.nix
@@ -13,6 +13,10 @@ with lib;
wifiClient = true;
develop = true;
gaming = true;
+ openvpn = {
+ oldpersonal = true;
+ elektroline = true;
+ };
};
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "sd_mod"];
@@ -57,13 +61,6 @@ with lib;
dataDir = "/home/cynerd";
configDir = "/home/cynerd/.config/syncthing";
};
- services.openvpn.servers.oldpersonal = {
- config = "config /run/secrets/old.ovpn";
- };
- services.openvpn.servers.elektroline = {
- config = "config /run/secrets/elektroline.ovpn";
- };
-
};
diff --git a/nixos/machine/ridcully.nix b/nixos/machine/ridcully.nix
index 7151878..30b8de1 100644
--- a/nixos/machine/ridcully.nix
+++ b/nixos/machine/ridcully.nix
@@ -9,6 +9,9 @@ with lib;
desktop.enable = true;
develop = true;
gaming = true;
+ openvpn = {
+ elektroline = true;
+ };
};
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage"];
diff --git a/nixos/modules/openvpn.nix b/nixos/modules/openvpn.nix
index abcd1f0..d070cb2 100644
--- a/nixos/modules/openvpn.nix
+++ b/nixos/modules/openvpn.nix
@@ -9,18 +9,38 @@ let
in {
options = {
- cynerd.openvpn.enable = mkOption {
- type = types.bool;
- default = false;
- description = "My personal OpenVPN";
+ cynerd.openvpn = {
+ personal = mkOption {
+ type = types.bool;
+ default = false;
+ description = "My personal OpenVPN";
+ };
+ oldpersonal = mkOption {
+ type = types.bool;
+ default = false;
+ description = "My personal old OpenVPN";
+ };
+ elektroline = mkOption {
+ type = types.bool;
+ default = false;
+ description = "Elektroline OpenVPN";
+ };
};
};
- config = mkIf cnf.enable {
- services.openvpn.servers.personal = {
- config = "config /run/secrets/personal.ovpn";
+ config = {
+ services.openvpn.servers = {
+ personal = mkIf cnf.personal {
+ config = "config /run/secrets/personal.ovpn";
+ };
+ oldpersonal = mkIf cnf.oldpersonal {
+ config = "config /run/secrets/old.ovpn";
+ };
+ elektroline = mkIf cnf.elektroline {
+ autoStart = false;
+ config = "config /run/secrets/elektroline.ovpn";
+ };
};
};
}
-