mnx: add openvpn connection, update secrets

secrets/secrets.nix

@@ -15,6 +15,8 @@ in {
   "github-api-token.age".publicKeys = allKeys;
   "fwknoprc.age".publicKeys = allKeys;
   "cat-testenv.ovpn.age".publicKeys = allKeys;
+  "mnx-bonanza-pf1.ovpn.age".publicKeys = allKeys;
+  "mnx-bonanza-pf1.p12.age".publicKeys = allKeys;
   "docker-ci-runner-secrets.age".publicKeys = allKeys;
   "test-secret.age".publicKeys = [users.teutat3s-5-nfc];
 }

users/teutat3s/mnx.nix

@@ -10,6 +10,17 @@ with lib; let
   xdg = config.home-manager.users."${psCfg.user.name}".xdg;
 in {
   config = {
+    age.secrets."mnx-bonanza-pf1.ovpn" = {
+      file = "${self}/secrets/mnx-bonanza-pf1.ovpn.age";
+      mode = "600";
+      owner = psCfg.user.name;
+    };
+    age.secrets."mnx-bonanza-pf1.p12" = {
+      file = "${self}/secrets/mnx-bonanza-pf1.p12.age";
+      mode = "600";
+      owner = psCfg.user.name;
+    };
+
     environment = {
       systemPackages = with pkgs; [
         networkmanager-fortisslvpn
@@ -17,6 +28,13 @@ in {
       ];
     };
 
+    services.openvpn.servers = {
+      bonanzaVPN = {
+        config = ''config ${config.age.secrets."mnx-bonanza-pf1.ovpn".path}'';
+        autoStart = false;
+      };
+    };
+
     programs._1password-gui = {
       enable = true;
       polkitPolicyOwners = ["teutat3s"];