os/users/ben/concepts-and-training.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

63 lines
1.4 KiB
Nix
Raw Normal View History

{
config,
pkgs,
lib,
self,
...
}:
with lib; let
psCfg = config.pub-solar;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
in {
age.secrets."cat-test.ovpn" = {
file = "${self}/secrets/cat-test.ovpn";
mode = "700";
owner = psCfg.user.name;
};
age.secrets.".fwknoprc" = {
file = "${self}/secrets/.fwknoprc";
mode = "600";
};
services.openvpn.servers = {
catVPN = {
autoStart = false;
2023-05-05 12:17:14 +00:00
config = ''config ${config.age.secrets."cat-test.ovpn".path}'';
};
};
2023-05-05 12:17:14 +00:00
systemd.services.openvpn-catVPN.serviceConfig.ExecStartPre = "${pkgs.fwknop}/bin/fwknop --rc-file=${config.age.secrets.".fwknoprc".path} --no-save-args --no-home-dir --save-args-file=/dev/null -n hetzner_test_cloud --wget-cmd=${pkgs.wget}/bin/wget";
home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
programs.ssh = {
matchBlocks = {
"salt.base.test" = {
hostname = "10.0.0.2";
2023-09-05 15:46:26 +00:00
user = "root";
};
2023-07-14 17:26:09 +00:00
"gateway.base.test" = {
hostname = "10.0.0.3";
user = "root";
2023-09-05 15:46:26 +00:00
};
"monitor.base.test" = {
hostname = "10.0.0.4";
user = "root";
};
"proxy1.prod.test" = {
hostname = "10.0.0.6";
user = "root";
};
"demo1.prod.test" = {
hostname = "10.0.0.5";
user = "root";
};
};
};
};
}