From 5aa65b766fa2d31c89d0853a76fc4bf48aa6d663 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= <hello@benjaminbaedorf.eu>
Date: Fri, 5 May 2023 14:17:14 +0200
Subject: [PATCH] Include fwknop into CaT VPN config

---
 modules/devops/default.nix          | 1 -
 users/ben/concepts-and-training.nix | 6 +++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/modules/devops/default.nix b/modules/devops/default.nix
index 500f5c11..2f3425f6 100644
--- a/modules/devops/default.nix
+++ b/modules/devops/default.nix
@@ -16,7 +16,6 @@ in {
     home-manager = with pkgs;
       pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
         home.packages = [
-          fwknop
           croc
           drone-cli
           nmap
diff --git a/users/ben/concepts-and-training.nix b/users/ben/concepts-and-training.nix
index 663034bc..8d96d32f 100644
--- a/users/ben/concepts-and-training.nix
+++ b/users/ben/concepts-and-training.nix
@@ -17,17 +17,17 @@ in {
 
   age.secrets.".fwknoprc" = {
     file = "${self}/secrets/.fwknoprc";
-    path = "${config.users.users."${psCfg.user.name}".home}/.fwknoprc";
     mode = "600";
-    owner = psCfg.user.name;
   };
 
   services.openvpn.servers = {
     catVPN = {
-      config = ''config /run/agenix/cat-test.ovpn '';
+      config = ''config ${config.age.secrets."cat-test.ovpn".path}'';
     };
   };
 
+  systemd.services.openvpn-catVPN.serviceConfig.ExecStartPre = "${pkgs.fwknop}/bin/fwknop --rc-file=${config.age.secrets.".fwknoprc".path} --no-save-args --no-home-dir --save-args-file=/dev/null -n hetzner_test_cloud --wget-cmd=${pkgs.wget}/bin/wget";
+
   home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
     programs.ssh = {
       matchBlocks = {