59 lines
1.4 KiB
Nix
59 lines
1.4 KiB
Nix
{ pkgs, lib, config, ... }:
|
|
let
|
|
openvpnEnabled = config.mod.openvpn.enable;
|
|
|
|
work-vpn = let
|
|
ovpnconfig = config.age.secrets.work-ovpn.path;
|
|
userpass = config.age.secrets.work-ovpn-userpass.path;
|
|
in
|
|
pkgs.writeShellApplication {
|
|
name = "work-vpn";
|
|
text = ''
|
|
sudo \
|
|
${pkgs.openvpn}/bin/openvpn \
|
|
--script-security 2 \
|
|
--up ${pkgs.update-systemd-resolved}/libexec/openvpn/update-systemd-resolved \
|
|
--up-restart \
|
|
--down ${pkgs.update-systemd-resolved}/libexec/openvpn/update-systemd-resolved \
|
|
--down-pre \
|
|
--config ${ovpnconfig} \
|
|
--auth-user-pass ${userpass}
|
|
'';
|
|
};
|
|
in
|
|
{
|
|
home-manager.users.alex = {
|
|
programs.git = {
|
|
includes = [
|
|
{
|
|
path = ./work-gitconfig;
|
|
condition = "gitdir:~/code/work/";
|
|
}
|
|
];
|
|
};
|
|
|
|
programs.go = {
|
|
goPrivate = [ "gitlab.com/zebware/*" ];
|
|
};
|
|
|
|
home.packages = lib.mkIf openvpnEnabled [ work-vpn ];
|
|
};
|
|
|
|
age.secrets = {
|
|
"netrc" = {
|
|
file = ../../../../secrets/pinwheel/netrc.age;
|
|
path = "/home/alex/.netrc";
|
|
owner = "alex";
|
|
group = "users";
|
|
};
|
|
|
|
"work-ovpn" = lib.mkIf openvpnEnabled {
|
|
file = ../../../../secrets/pinwheel/work-ovpn.age;
|
|
};
|
|
|
|
"work-ovpn-userpass" = lib.mkIf openvpnEnabled {
|
|
file = ../../../../secrets/pinwheel/work-ovpn-userpass.age;
|
|
};
|
|
};
|
|
}
|