balsoft/nixos-config
1
0
Fork 0
Code Issues Releases Wiki Activity

Add openvpn

Browse Source
This commit is contained in:
Alexander Bantyev 2022-06-27 23:48:31 +04:00
parent 3ba643bab9
commit 8fd3d9cbe7
Signed by: balsoft
GPG Key ID: E081FF12ADCB4AD5
3 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/secrets.nix
View File

@ -2,7 +2,7 @@
with lib; with lib;
with types; with types;
let let
password-store = "/home/balsoft/.local/share/password-store"; password-store = config.secretsConfig.password-store;
secret = { name, ... }: { secret = { name, ... }: {
options = { options = {
encrypted = mkOption { encrypted = mkOption {
@ -121,6 +121,10 @@ in {
}; };
options.secretsConfig = { options.secretsConfig = {
password-store = lib.mkOption {
type = lib.types.path;
default = "/home/balsoft/.local/share/password-store";
};
repo = lib.mkOption { repo = lib.mkOption {
type = str; type = str;
default = "ssh://git@github.com/balsoft/pass"; default = "ssh://git@github.com/balsoft/pass";

15
profiles/workspace/openvpn.nix Normal file
View File

@ -0,0 +1,15 @@
{ config, pkgs, ... }: let password-store = config.secretsConfig.password-store; in {
secrets.tawasal_eu1 = {
encrypted = "${password-store}/openvpn/tawasal_eu1.gpg";
services = [ "openvpn-tawasal-eu1.service" ];
};
secrets.tawasal_eu2 = {
encrypted = "${password-store}/openvpn/tawasal_eu2.gpg";
services = [ "openvpn-tawasal-eu2.service" ];
};
services.openvpn.servers = {
tawasal-eu1.config = "config ${config.secrets.tawasal_eu1.decrypted}";
tawasal-eu2.config = "config ${config.secrets.tawasal_eu2.decrypted}";
};
}

1
roles/desktop.nix
View File

@ -41,6 +41,7 @@
light light
mako mako
# mopidy # mopidy
openvpn
simple-osd-daemons simple-osd-daemons
sway sway
yubikey-touch-detector yubikey-touch-detector