mnx: add openvpn connection, update secrets
parent
8a2910f10c
commit
244a8b01fb
Binary file not shown.
BIN
secrets/mnx-bonanza-pf1.ovpn.age
Normal file
BIN
secrets/mnx-bonanza-pf1.ovpn.age
Normal file
Binary file not shown.
BIN
secrets/mnx-bonanza-pf1.p12.age
Normal file
BIN
secrets/mnx-bonanza-pf1.p12.age
Normal file
Binary file not shown.
|
@ -15,6 +15,8 @@ in {
|
||||||
"github-api-token.age".publicKeys = allKeys;
|
"github-api-token.age".publicKeys = allKeys;
|
||||||
"fwknoprc.age".publicKeys = allKeys;
|
"fwknoprc.age".publicKeys = allKeys;
|
||||||
"cat-testenv.ovpn.age".publicKeys = allKeys;
|
"cat-testenv.ovpn.age".publicKeys = allKeys;
|
||||||
|
"mnx-bonanza-pf1.ovpn.age".publicKeys = allKeys;
|
||||||
|
"mnx-bonanza-pf1.p12.age".publicKeys = allKeys;
|
||||||
"docker-ci-runner-secrets.age".publicKeys = allKeys;
|
"docker-ci-runner-secrets.age".publicKeys = allKeys;
|
||||||
"test-secret.age".publicKeys = [users.teutat3s-5-nfc];
|
"test-secret.age".publicKeys = [users.teutat3s-5-nfc];
|
||||||
}
|
}
|
||||||
|
|
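Review bot: The two added entries encrypt the VPN profile and the PKCS#12 client bundle to `allKeys`, so every key in that list can decrypt them, while `test-secret.age` two lines further down shows that a narrower recipient list is already in use in this file. If only the machine that runs the VPN client and its admin need these, a scoped list such as `"mnx-bonanza-pf1.p12.age".publicKeys = [ USER_KEY HOST_KEY ];` (placeholder names) limits what a compromise of any other key would expose. `allKeys` is defined outside the hunk, so check what it contains before deciding.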
|
@ -10,6 +10,17 @@ with lib; let
|
||||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||||
in {
|
in {
|
||||||
config = {
|
config = {
|
||||||
|
age.secrets."mnx-bonanza-pf1.ovpn" = {
|
||||||
|
file = "${self}/secrets/mnx-bonanza-pf1.ovpn.age";
|
||||||
|
mode = "600";
|
||||||
|
owner = psCfg.user.name;
|
||||||
|
};
|
||||||
|
age.secrets."mnx-bonanza-pf1.p12" = {
|
||||||
|
file = "${self}/secrets/mnx-bonanza-pf1.p12.age";
|
||||||
|
mode = "600";
|
||||||
|
owner = psCfg.user.name;
|
||||||
|
};
|
||||||
|
|
||||||
environment = {
|
environment = {
|
||||||
systemPackages = with pkgs; [
|
systemPackages = with pkgs; [
|
||||||
networkmanager-fortisslvpn
|
networkmanager-fortisslvpn
|
||||||
|
@ -17,6 +28,13 @@ in {
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.openvpn.servers = {
|
||||||
|
bonanzaVPN = {
|
||||||
|
config = ''config ${config.age.secrets."mnx-bonanza-pf1.ovpn".path}'';
|
||||||
|
autoStart = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
programs._1password-gui = {
|
programs._1password-gui = {
|
||||||
enable = true;
|
enable = true;
|
||||||
polkitPolicyOwners = ["teutat3s"];
|
polkitPolicyOwners = ["teutat3s"];
|
||||||
|
|
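Review bot: Both new `age.secrets` entries set `owner = psCfg.user.name`, but the only consumer visible in this commit is `services.openvpn.servers.bonanzaVPN`, whose systemd unit presumably runs as root, so the decrypted profile and client bundle become readable by every process in the desktop user's session without the service needing that. If nothing in the user session reads them, drop the two `owner` lines (agenix should then default to root ownership, worth confirming) and tighten to `mode = "0400";`. Separately, the `.p12` secret is declared but never referenced in the visible Nix code, so the encrypted profile presumably names its decrypted path internally; a comment beside `config = ...` such as `# profile loads the PKCS#12 bundle from config.age.secrets."mnx-bonanza-pf1.p12".path` would make that hidden coupling visible. The enclosing `config = { ... }` block starts and ends outside these hunks.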