{ config, pkgs, lib, self, ... }: with lib; let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; in { age.secrets."cat-test.ovpn" = { file = "${self}/secrets/cat-test.ovpn"; mode = "700"; owner = psCfg.user.name; }; age.secrets.".fwknoprc" = { file = "${self}/secrets/.fwknoprc"; mode = "600"; }; services.openvpn.servers = { catVPN = { autoStart = false; config = ''config ${config.age.secrets."cat-test.ovpn".path}''; }; }; systemd.services.openvpn-catVPN.serviceConfig.ExecStartPre = "${pkgs.fwknop}/bin/fwknop --rc-file=${config.age.secrets.".fwknoprc".path} --no-save-args --no-home-dir --save-args-file=/dev/null -n hetzner_test_cloud --wget-cmd=${pkgs.wget}/bin/wget"; home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] { programs.ssh = { matchBlocks = { "salt.base.test" = { hostname = "10.0.0.2"; user = "root"; }; "gateway.base.test" = { hostname = "10.0.0.3"; user = "root"; }; "monitor.base.test" = { hostname = "10.0.0.4"; user = "root"; }; "proxy1.prod.test" = { hostname = "10.0.0.6"; user = "root"; }; "proxy2.prod.test" = { hostname = "10.0.0.7"; user = "root"; }; "demo1.prod.test" = { hostname = "10.0.0.5"; user = "root"; }; "proxy1.test.test" = { hostname = "10.0.0.8"; user = "root"; }; "proxy2.test.test" = { hostname = "10.0.0.9"; user = "root"; }; }; }; }; }