os/users/b12f/ehex.nix

{
  config,
  pkgs,
  lib,
  flake,
  ...
}:
with lib; let
  psCfg = config.pub-solar;
  xdg = config.home-manager.users."${psCfg.user.name}".xdg;
  tmpConfigDir = "/tmp/ovpn/ehex";
  tmpConfigFile = "${tmpConfigDir}/conf.ovpn";
in {
  age.secrets."ehex.ovpn" = {
    file = "${flake.self}/secrets/cat-test.ovpn.age";
    mode = "400";
  };

  age.secrets."ehex-vpn.creds" = {
    file = "${flake.self}/secrets/ehex-vpn.creds.age";
    mode = "400";
  };

  services.openvpn.servers = {
    ehexVPN = {
      autoStart = false;
      updateResolvConf = true;
      config = ''
        config ${config.age.secrets."ehex.ovpn".path}
      '';
    };
  };
}