dumpyourvms: mnx: cat: move to user teutat3s

2023-05-05 18:10:08 +02:00 · 2023-05-05 18:10:08 +02:00 · d7d316bddb
parent 69f842bd6e
commit d7d316bddb
9 changed files with 72 additions and 11 deletions
--- a/hosts/dumpyourvms/dumpyourvms.nix
+++ b/hosts/dumpyourvms/dumpyourvms.nix
@ -71,21 +71,11 @@ in {
    services.mozillavpn.enable = true;
    networking = import ./networking.nix;
    services.tailscale.enable = true;
-    services.openvpn.servers = {
-      catVPN = {config = ''config /home/teutat3s/.local/share/openvpn/catVPN.conf '';};
-    };

    security.pki.certificateFiles = [./consul-agent-ca.pem];

    services.unbound = import ./unbound.nix;

-    environment = {
-      systemPackages = with pkgs; [
-        networkmanager-fortisslvpn
-        openfortivpn
-      ];
-    };
-
    # Set default brightness to 50%
    # https://ubuntuforums.org/showthread.php?t=2409856
    services.cron.systemCronJobs = [
--- a/modules/crypto/default.nix
+++ b/modules/crypto/default.nix
@ -39,7 +39,6 @@ in {
          libsecret
          qMasterPassword
          restic
-          fwknop
        ];
      };
  };
--- a/modules/devops/default.nix
+++ b/modules/devops/default.nix
@ -16,6 +16,8 @@ in {
    home-manager = with pkgs;
      pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
        home.packages = [
+          fwknop
+          croc
          drone-cli
          nmap
          pgcli
--- a/secrets/cat-testenv.ovpn.age
+++ b/secrets/cat-testenv.ovpn.age
--- a/secrets/fwknoprc.age
+++ b/secrets/fwknoprc.age
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -12,6 +12,8 @@ let
 in {
  "example-secret.age".publicKeys = allKeys;
  "environment-secrets.age".publicKeys = allKeys;
+  "fwknoprc.age".publicKeys = allKeys;
+  "cat-testenv.ovpn.age".publicKeys = allKeys;
  "docker-ci-runner-secrets.age".publicKeys = allKeys;
  "test-secret.age".publicKeys = [users.teutat3s-5-nfc];
 }
--- a/users/teutat3s/concepts-and-training.nix
+++ b/users/teutat3s/concepts-and-training.nix
@ -0,0 +1,48 @@
+{
+  config,
+  pkgs,
+  lib,
+  self,
+  ...
+}:
+with lib; let
+  psCfg = config.pub-solar;
+  xdg = config.home-manager.users."${psCfg.user.name}".xdg;
+in {
+  age.secrets."cat-testenv.ovpn" = {
+    file = "${self}/secrets/cat-testenv.ovpn.age";
+    mode = "600";
+    owner = psCfg.user.name;
+  };
+
+  age.secrets."fwknoprc" = {
+    file = "${self}/secrets/fwknoprc.age";
+    path = "${config.users.users."${psCfg.user.name}".home}/.fwknoprc";
+    mode = "600";
+    owner = psCfg.user.name;
+  };
+
+  services.openvpn.servers = {
+    catVPN = {
+      config = ''config ${config.age.secrets."cat-testenv.ovpn".path}'';
+      autoStart = false;
+    };
+  };
+
+  #home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
+  #  programs.ssh = {
+  #    matchBlocks = {
+  #      "salt.base.test" = {
+  #        hostname = "10.0.0.2";
+  #        user = "bbaedorf";
+  #      };
+
+  #      "salt.gateway.test" = {
+  #        hostname = "10.0.0.3";
+  #        user = "root";
+  #        proxyJump = "salt.base.test";
+  #      };
+  #    };
+  #  };
+  #};
+}
--- a/users/teutat3s/home.nix
+++ b/users/teutat3s/home.nix
@ -13,6 +13,8 @@ with lib; let
 in {
  imports = [
    ./session-variables.nix
+    ./concepts-and-training.nix
+    ./mnx.nix
  ];

  config = {
--- a/users/teutat3s/mnx.nix
+++ b/users/teutat3s/mnx.nix
@ -0,0 +1,18 @@
+{
+  config,
+  pkgs,
+  lib,
+  self,
+  ...
+}:
+with lib; let
+  psCfg = config.pub-solar;
+  xdg = config.home-manager.users."${psCfg.user.name}".xdg;
+in {
+  environment = {
+    systemPackages = with pkgs; [
+      networkmanager-fortisslvpn
+      openfortivpn
+    ];
+  };
+}