tigor/NixOS
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: tigor:a2e3d507f94c870959a12b85ce837e9226def539
Branches Tags
tigor:main
..
compare: tigor:96c423a77212f9bad6a2bdf0ec87dbc0fae7c9b7
Branches Tags
tigor:main

No commits in common. "a2e3d507f94c870959a12b85ce837e9226def539" and "96c423a77212f9bad6a2bdf0ec87dbc0fae7c9b7" have entirely different histories.
a2e3d507f9 ... 96c423a772

2 changed files with 3 additions and 22 deletions
Show stats Expand all files Collapse all files

12
system/services/openvpn.nix
View file

@ -81,7 +81,7 @@ in
secretPlaceholder = config.sops.placeholder."openvpn/clients/phone"; secretPlaceholder = config.sops.placeholder."openvpn/clients/phone";
ifConfig = "10.8.1.1 10.8.1.2"; ifConfig = "10.8.1.1 10.8.1.2";
}; };
path = "/nas/Syncthing/Sync/VPN/phone.ovpn"; path = "/etc/openvpn/phone.ovpn";
owner = config.profile.user.name; owner = config.profile.user.name;
}; };
"openvpn/key/laptop" = { "openvpn/key/laptop" = {
@ -89,7 +89,7 @@ in
secretPlaceholder = config.sops.placeholder."openvpn/clients/laptop"; secretPlaceholder = config.sops.placeholder."openvpn/clients/laptop";
ifConfig = "10.8.2.1 10.8.2.2"; ifConfig = "10.8.2.1 10.8.2.2";
}; };
path = "/nas/Syncthing/Sync/VPN/laptop.ovpn"; path = "/etc/openvpn/laptop.ovpn";
owner = config.profile.user.name; owner = config.profile.user.name;
}; };
}; };
@ -98,9 +98,6 @@ in
config = '' config = ''
dev ${vpn-dev} dev ${vpn-dev}
proto udp proto udp
status /tmp/openvpn-status.log
comp-lzo no
tls-server tls-server
cipher AES-256-CBC cipher AES-256-CBC
@ -108,6 +105,7 @@ in
server 10.10.10.0 255.255.255.0 server 10.10.10.0 255.255.255.0
allow-compression no
ca ${config.sops.secrets."openvpn/server/ca".path} ca ${config.sops.secrets."openvpn/server/ca".path}
cert ${config.sops.secrets."openvpn/server/cert".path} cert ${config.sops.secrets."openvpn/server/cert".path}
key ${config.sops.secrets."openvpn/server/key".path} key ${config.sops.secrets."openvpn/server/key".path}
@ -118,10 +116,6 @@ in
ping-timer-rem ping-timer-rem
persist-tun persist-tun
persist-key persist-key
push "block-outside-dns"
push "dhcp-option 192.168.100.3"
push "comp-lzo no"
''; '';
autoStart = true; autoStart = true;
}; };

13
system/services/syncthing.nix
View file

@ -41,9 +41,6 @@ in
"/nas/redmage/images/laptop-kerja" = { "/nas/redmage/images/laptop-kerja" = {
label = "Redmage/Laptop-Kerja"; label = "Redmage/Laptop-Kerja";
id = "Redmage/Laptop-Kerja"; id = "Redmage/Laptop-Kerja";
devices = [
"work-laptop"
];
}; };
"/nas/redmage/images/s20fe-sfw" = { "/nas/redmage/images/s20fe-sfw" = {
label = "Redmage/S20FE"; label = "Redmage/S20FE";
@ -68,11 +65,6 @@ in
"onyx" "onyx"
]; ];
}; };
"/nas/Syncthing/Sync/VPN" = {
label = "OpenVPN";
id = "OpenVPN";
devices = lib.attrsets.mapAttrsToList (key: _value: key) config.services.syncthing.settings.devices;
};
}; };
devices = { devices = {
s20fe = { s20fe = {
@ -90,11 +82,6 @@ in
id = "FSTIYS6-REFXIJX-KPLYC4L-QSZO46L-RV3VTPZ-VWVTE7O-Y663OZN-RTKP3QI"; id = "FSTIYS6-REFXIJX-KPLYC4L-QSZO46L-RV3VTPZ-VWVTE7O-Y663OZN-RTKP3QI";
autoAcceptFolders = true; autoAcceptFolders = true;
}; };
work-laptop = {
name = "Work Laptop";
id = "BOU76IK-5AE7ARF-ZQDFOTX-KWUQL22-SAGXBYG-B75JRZA-L4MCYPU-OYTY5AU";
autoAcceptFolders = true;
};
}; };
}; };
overrideFolders = true; overrideFolders = true;