Include fwknop into CaT VPN config

This commit is contained in:
Benjamin Bädorf 2023-05-05 14:17:14 +02:00
parent ad1a6db3a8
commit 5aa65b766f
No known key found for this signature in database
GPG key ID: 4406E80E13CD656C
2 changed files with 3 additions and 4 deletions

View file

@ -16,7 +16,6 @@ in {
home-manager = with pkgs;
pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
home.packages = [
fwknop
croc
drone-cli
nmap

View file

@ -17,17 +17,17 @@ in {
age.secrets.".fwknoprc" = {
file = "${self}/secrets/.fwknoprc";
path = "${config.users.users."${psCfg.user.name}".home}/.fwknoprc";
mode = "600";
owner = psCfg.user.name;
};
services.openvpn.servers = {
catVPN = {
config = ''config /run/agenix/cat-test.ovpn '';
config = ''config ${config.age.secrets."cat-test.ovpn".path}'';
};
};
systemd.services.openvpn-catVPN.serviceConfig.ExecStartPre = "${pkgs.fwknop}/bin/fwknop --rc-file=${config.age.secrets.".fwknoprc".path} --no-save-args --no-home-dir --save-args-file=/dev/null -n hetzner_test_cloud --wget-cmd=${pkgs.wget}/bin/wget";
home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
programs.ssh = {
matchBlocks = {