dumpyourvms: mnx: cat: move to user teutat3s

This commit is contained in:
teutat3s 2023-05-05 18:10:08 +02:00
parent 69f842bd6e
commit d7d316bddb
Signed by: teutat3s
GPG key ID: 4FA1D3FA524F22C1
9 changed files with 72 additions and 11 deletions

View file

@ -71,21 +71,11 @@ in {
services.mozillavpn.enable = true; services.mozillavpn.enable = true;
networking = import ./networking.nix; networking = import ./networking.nix;
services.tailscale.enable = true; services.tailscale.enable = true;
services.openvpn.servers = {
catVPN = {config = ''config /home/teutat3s/.local/share/openvpn/catVPN.conf '';};
};
security.pki.certificateFiles = [./consul-agent-ca.pem]; security.pki.certificateFiles = [./consul-agent-ca.pem];
services.unbound = import ./unbound.nix; services.unbound = import ./unbound.nix;
environment = {
systemPackages = with pkgs; [
networkmanager-fortisslvpn
openfortivpn
];
};
# Set default brightness to 50% # Set default brightness to 50%
# https://ubuntuforums.org/showthread.php?t=2409856 # https://ubuntuforums.org/showthread.php?t=2409856
services.cron.systemCronJobs = [ services.cron.systemCronJobs = [

View file

@ -39,7 +39,6 @@ in {
libsecret libsecret
qMasterPassword qMasterPassword
restic restic
fwknop
]; ];
}; };
}; };

View file

@ -16,6 +16,8 @@ in {
home-manager = with pkgs; home-manager = with pkgs;
pkgs.lib.setAttrByPath ["users" psCfg.user.name] { pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
home.packages = [ home.packages = [
fwknop
croc
drone-cli drone-cli
nmap nmap
pgcli pgcli

Binary file not shown.

BIN
secrets/fwknoprc.age Normal file

Binary file not shown.

View file

@ -12,6 +12,8 @@ let
in { in {
"example-secret.age".publicKeys = allKeys; "example-secret.age".publicKeys = allKeys;
"environment-secrets.age".publicKeys = allKeys; "environment-secrets.age".publicKeys = allKeys;
"fwknoprc.age".publicKeys = allKeys;
"cat-testenv.ovpn.age".publicKeys = allKeys;
"docker-ci-runner-secrets.age".publicKeys = allKeys; "docker-ci-runner-secrets.age".publicKeys = allKeys;
"test-secret.age".publicKeys = [users.teutat3s-5-nfc]; "test-secret.age".publicKeys = [users.teutat3s-5-nfc];
} }

View file

@ -0,0 +1,48 @@
{
config,
pkgs,
lib,
self,
...
}:
with lib; let
psCfg = config.pub-solar;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
in {
age.secrets."cat-testenv.ovpn" = {
file = "${self}/secrets/cat-testenv.ovpn.age";
mode = "600";
owner = psCfg.user.name;
};
age.secrets."fwknoprc" = {
file = "${self}/secrets/fwknoprc.age";
path = "${config.users.users."${psCfg.user.name}".home}/.fwknoprc";
mode = "600";
owner = psCfg.user.name;
};
services.openvpn.servers = {
catVPN = {
config = ''config ${config.age.secrets."cat-testenv.ovpn".path}'';
autoStart = false;
};
};
#home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
# programs.ssh = {
# matchBlocks = {
# "salt.base.test" = {
# hostname = "10.0.0.2";
# user = "bbaedorf";
# };
# "salt.gateway.test" = {
# hostname = "10.0.0.3";
# user = "root";
# proxyJump = "salt.base.test";
# };
# };
# };
#};
}

View file

@ -13,6 +13,8 @@ with lib; let
in { in {
imports = [ imports = [
./session-variables.nix ./session-variables.nix
./concepts-and-training.nix
./mnx.nix
]; ];
config = { config = {

18
users/teutat3s/mnx.nix Normal file
View file

@ -0,0 +1,18 @@
{
config,
pkgs,
lib,
self,
...
}:
with lib; let
psCfg = config.pub-solar;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
in {
environment = {
systemPackages = with pkgs; [
networkmanager-fortisslvpn
openfortivpn
];
};
}