decouple vpn and proxies

m/vpn/hft.nix

@@ -2,6 +2,7 @@
 let
   types = lib.types;
   hft = config.maid.vpn.hft;
+  proxies = config.maid.proxies;
 in
 {
   options.maid.vpn.hft = {
@@ -14,6 +15,12 @@ in
   };
 
   config = lib.mkIf hft.enable {
+    assertions = [
+      { assertion = proxies.yor.enable;
+        message = "HFT OpenVPN requires shadowsocks server to bypass DPI";
+      }
+    ];
+
     services.openvpn.servers.hft = {
       autoStart = hft.autoStart;
       updateResolvConf = true;
@@ -24,16 +31,8 @@ in
       '';
     };
 
-    systemd.services.hft-shadowsocks = {
-      wantedBy = [ "openvpn-hft.service" ];
-      partOf = [ "openvpn-hft.service" ];
-      after = [ "network.target" ];
-
-      description = "Shadowsocks to bypass OpenVPN block";
-      serviceConfig = {
-        Type = "simple";
-        ExecStart = ''${pkgs.shadowsocks-rust}/bin/sslocal --config ${config.sops.secrets."work/shadowsocks".path}'';
-      };
-    };
+    systemd.services.openvpn-hft.requires = [
+      "yor-proxy.service"
+    ];
   };
 }