dumpyourvms: mnx: cat: move to user teutat3s

hosts/dumpyourvms/dumpyourvms.nix

@@ -71,21 +71,11 @@ in {
     services.mozillavpn.enable = true;
     networking = import ./networking.nix;
     services.tailscale.enable = true;
-    services.openvpn.servers = {
-      catVPN = {config = ''config /home/teutat3s/.local/share/openvpn/catVPN.conf '';};
-    };
 
     security.pki.certificateFiles = [./consul-agent-ca.pem];
 
     services.unbound = import ./unbound.nix;
 
-    environment = {
-      systemPackages = with pkgs; [
-        networkmanager-fortisslvpn
-        openfortivpn
-      ];
-    };
-
     # Set default brightness to 50%
     # https://ubuntuforums.org/showthread.php?t=2409856
     services.cron.systemCronJobs = [

modules/crypto/default.nix

@@ -39,7 +39,6 @@ in {
           libsecret
           qMasterPassword
           restic
-          fwknop
         ];
       };
   };

modules/devops/default.nix

@@ -16,6 +16,8 @@ in {
     home-manager = with pkgs;
       pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
         home.packages = [
+          fwknop
+          croc
           drone-cli
           nmap
           pgcli

secrets/secrets.nix

@@ -12,6 +12,8 @@ let
 in {
   "example-secret.age".publicKeys = allKeys;
   "environment-secrets.age".publicKeys = allKeys;
+  "fwknoprc.age".publicKeys = allKeys;
+  "cat-testenv.ovpn.age".publicKeys = allKeys;
   "docker-ci-runner-secrets.age".publicKeys = allKeys;
   "test-secret.age".publicKeys = [users.teutat3s-5-nfc];
 }

users/teutat3s/concepts-and-training.nix

@@ -0,0 +1,48 @@
+{
+  config,
+  pkgs,
+  lib,
+  self,
+  ...
+}:
+with lib; let
+  psCfg = config.pub-solar;
+  xdg = config.home-manager.users."${psCfg.user.name}".xdg;
+in {
+  age.secrets."cat-testenv.ovpn" = {
+    file = "${self}/secrets/cat-testenv.ovpn.age";
+    mode = "600";
+    owner = psCfg.user.name;
+  };
+
+  age.secrets."fwknoprc" = {
+    file = "${self}/secrets/fwknoprc.age";
+    path = "${config.users.users."${psCfg.user.name}".home}/.fwknoprc";
+    mode = "600";
+    owner = psCfg.user.name;
+  };
+
+  services.openvpn.servers = {
+    catVPN = {
+      config = ''config ${config.age.secrets."cat-testenv.ovpn".path}'';
+      autoStart = false;
+    };
+  };
+
+  #home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
+  #  programs.ssh = {
+  #    matchBlocks = {
+  #      "salt.base.test" = {
+  #        hostname = "10.0.0.2";
+  #        user = "bbaedorf";
+  #      };
+
+  #      "salt.gateway.test" = {
+  #        hostname = "10.0.0.3";
+  #        user = "root";
+  #        proxyJump = "salt.base.test";
+  #      };
+  #    };
+  #  };
+  #};
+}

users/teutat3s/home.nix

@@ -13,6 +13,8 @@ with lib; let
 in {
   imports = [
     ./session-variables.nix
+    ./concepts-and-training.nix
+    ./mnx.nix
   ];
 
   config = {

users/teutat3s/mnx.nix

@@ -0,0 +1,18 @@
+{
+  config,
+  pkgs,
+  lib,
+  self,
+  ...
+}:
+with lib; let
+  psCfg = config.pub-solar;
+  xdg = config.home-manager.users."${psCfg.user.name}".xdg;
+in {
+  environment = {
+    systemPackages = with pkgs; [
+      networkmanager-fortisslvpn
+      openfortivpn
+    ];
+  };
+}