os/users/teutat3s/concepts-and-training.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

50 lines
1 KiB
Nix
Raw Normal View History

{
config,
pkgs,
lib,
flake,
...
}:
let
psCfg = config.pub-solar;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
in
{
age.secrets."cat-testenv.ovpn" = {
file = "${flake.self}/secrets/cat-testenv.ovpn.age";
mode = "600";
owner = psCfg.user.name;
};
age.secrets."fwknoprc" = {
file = "${flake.self}/secrets/fwknoprc.age";
path = "${config.users.users."${psCfg.user.name}".home}/.fwknoprc";
mode = "600";
owner = psCfg.user.name;
};
services.openvpn.servers = {
catVPN = {
config = ''config ${config.age.secrets."cat-testenv.ovpn".path}'';
autoStart = false;
};
};
#home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
# programs.ssh = {
# matchBlocks = {
# "salt.base.test" = {
# hostname = "10.0.0.2";
# user = "bbaedorf";
# };
# "salt.gateway.test" = {
# hostname = "10.0.0.3";
# user = "root";
# proxyJump = "salt.base.test";
# };
# };
# };
#};
}