diff --git a/secrets/environment-secrets.age b/secrets/environment-secrets.age
index 13999bb3..971113bb 100644
Binary files a/secrets/environment-secrets.age and b/secrets/environment-secrets.age differ
diff --git a/secrets/mnx-bonanza-pf1.ovpn.age b/secrets/mnx-bonanza-pf1.ovpn.age
new file mode 100644
index 00000000..d556f9ab
Binary files /dev/null and b/secrets/mnx-bonanza-pf1.ovpn.age differ
diff --git a/secrets/mnx-bonanza-pf1.p12.age b/secrets/mnx-bonanza-pf1.p12.age
new file mode 100644
index 00000000..03442d43
Binary files /dev/null and b/secrets/mnx-bonanza-pf1.p12.age differ
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 89f4c488..c0b0aa89 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -15,6 +15,8 @@ in {
 "github-api-token.age".publicKeys = allKeys;
 "fwknoprc.age".publicKeys = allKeys;
 "cat-testenv.ovpn.age".publicKeys = allKeys;
+ "mnx-bonanza-pf1.ovpn.age".publicKeys = allKeys;
+ "mnx-bonanza-pf1.p12.age".publicKeys = allKeys;
 "docker-ci-runner-secrets.age".publicKeys = allKeys;
 "test-secret.age".publicKeys = [users.teutat3s-5-nfc];
 }
diff --git a/users/teutat3s/mnx.nix b/users/teutat3s/mnx.nix
index 001fab09..9620780a 100644
--- a/users/teutat3s/mnx.nix
+++ b/users/teutat3s/mnx.nix
@@ -10,6 +10,17 @@ with lib; let
 xdg = config.home-manager.users."${psCfg.user.name}".xdg;
 in {
 config = {
+ age.secrets."mnx-bonanza-pf1.ovpn" = {
+ file = "${self}/secrets/mnx-bonanza-pf1.ovpn.age";
+ mode = "600";
+ owner = psCfg.user.name;
+ };
+ age.secrets."mnx-bonanza-pf1.p12" = {
+ file = "${self}/secrets/mnx-bonanza-pf1.p12.age";
+ mode = "600";
+ owner = psCfg.user.name;
+ };
+
 environment = {
 systemPackages = with pkgs; [
 networkmanager-fortisslvpn
@@ -17,6 +28,13 @@ in {
 ];
 };
+ services.openvpn.servers = {
+ bonanzaVPN = {
+ config = ''config ${config.age.secrets."mnx-bonanza-pf1.ovpn".path}'';
+ autoStart = false;
+ };
+ };
+
 programs._1password-gui = {
 enable = true;
 polkitPolicyOwners = ["teutat3s"];
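Review bot: Both new entries in `secrets/secrets.nix` encrypt the VPN profile and its PKCS#12 client credential to `allKeys`, although the only consumer visible in this commit is `users/teutat3s/mnx.nix`. `allKeys` is defined above the hunk, so its membership cannot be checked here, but if it covers every user and host key in the repository, each of those keys can decrypt a client certificate that a single user needs. A narrower recipient list in the style of the `test-secret.age` line, e.g. `"mnx-bonanza-pf1.p12.age".publicKeys = [users.teutat3s-5-nfc <HOST_KEY_THAT_IMPORTS_MNX_NIX>];` (host key name is a placeholder), would limit what one compromised host key exposes.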
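Review bot: In the two `age.secrets` blocks of `users/teutat3s/mnx.nix`, `owner = psCfg.user.name` with `mode = "600"` makes the decrypted profile and client credential readable and writable by every process in the desktop user's session, while the consumer added later in this commit is `services.openvpn.servers.bonanzaVPN`, a system service. Whether anything in the user session also reads these files cannot be confirmed from the hunk; if not, dropping `owner` and `mode` so the agenix defaults (root-owned, read-only) apply would keep the client key away from user-level processes. If user access is intended, `mode = "0400";` is enough for a read-only credential, and a short comment naming the tool that reads it as the user would document the choice. The enclosing `config = {` block continues outside the hunk.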
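Review bot: The `mnx-bonanza-pf1.p12` secret declared earlier in this file is never referenced from the Nix side of `bonanzaVPN`; presumably the encrypted `.ovpn` names it by its runtime path, so the service depends on a path hard-coded inside ciphertext. A comment above `config` would make that coupling visible, e.g. `# the included profile references config.age.secrets."mnx-bonanza-pf1.p12".path; keep both in sync`. Including the profile via `config ${...path}` instead of reading its contents into the option is worth keeping, since it leaves the decrypted profile out of the world-readable Nix store. The module's `config = {` block continues past the hunk.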