From 027bcf9b43546063e62578858eee50ac278334f3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= <cynerd@email.cz>
Date: Tue, 19 Jul 2022 13:33:48 +0200
Subject: nixos: rework openvpn

---
 nixos/machine/binky.nix    | 11 ++++-------
 nixos/machine/ridcully.nix |  3 +++
 nixos/modules/openvpn.nix  | 36 ++++++++++++++++++++++++++++--------
 3 files changed, 35 insertions(+), 15 deletions(-)

(limited to 'nixos')

diff --git a/nixos/machine/binky.nix b/nixos/machine/binky.nix
index c7e319a..7be8017 100644
--- a/nixos/machine/binky.nix
+++ b/nixos/machine/binky.nix
@@ -13,6 +13,10 @@ with lib;
       wifiClient = true;
       develop = true;
       gaming = true;
+      openvpn = {
+        oldpersonal = true;
+        elektroline = true;
+      };
     };
 
     boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "sd_mod"];
@@ -57,13 +61,6 @@ with lib;
       dataDir = "/home/cynerd";
       configDir = "/home/cynerd/.config/syncthing";
     };
-    services.openvpn.servers.oldpersonal = {
-      config = "config /run/secrets/old.ovpn";
-    };
-    services.openvpn.servers.elektroline = {
-      config = "config /run/secrets/elektroline.ovpn";
-    };
-
 
   };
 
diff --git a/nixos/machine/ridcully.nix b/nixos/machine/ridcully.nix
index 7151878..30b8de1 100644
--- a/nixos/machine/ridcully.nix
+++ b/nixos/machine/ridcully.nix
@@ -9,6 +9,9 @@ with lib;
       desktop.enable = true;
       develop = true;
       gaming = true;
+      openvpn = {
+        elektroline = true;
+      };
     };
 
     boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage"];
diff --git a/nixos/modules/openvpn.nix b/nixos/modules/openvpn.nix
index abcd1f0..d070cb2 100644
--- a/nixos/modules/openvpn.nix
+++ b/nixos/modules/openvpn.nix
@@ -9,18 +9,38 @@ let
 in {
 
   options = {
-    cynerd.openvpn.enable = mkOption {
-      type = types.bool;
-      default = false;
-      description = "My personal OpenVPN";
+    cynerd.openvpn = {
+      personal = mkOption {
+        type = types.bool;
+        default = false;
+        description = "My personal OpenVPN";
+      };
+      oldpersonal = mkOption {
+        type = types.bool;
+        default = false;
+        description = "My personal old OpenVPN";
+      };
+      elektroline = mkOption {
+        type = types.bool;
+        default = false;
+        description = "Elektroline OpenVPN";
+      };
     };
   };
 
-  config = mkIf cnf.enable {
-    services.openvpn.servers.personal = {
-      config = "config /run/secrets/personal.ovpn";
+  config = {
+    services.openvpn.servers = {
+      personal = mkIf cnf.personal {
+        config = "config /run/secrets/personal.ovpn";
+      };
+      oldpersonal = mkIf cnf.oldpersonal {
+        config = "config /run/secrets/old.ovpn";
+      };
+      elektroline = mkIf  cnf.elektroline {
+        autoStart = false;
+        config = "config /run/secrets/elektroline.ovpn";
+      };
     };
   };
 
 }
-
-- 
cgit v1.2.3