19 lines
472 B
Nix
19 lines
472 B
Nix
{ config, lib, pkgs, ... }:
|
|
let
|
|
secrets = config.sops.secrets;
|
|
in
|
|
{
|
|
sops.secrets."work/ovpn".sopsFile = ../../secrets/work.yaml;
|
|
sops.secrets."work/password".sopsFile = ../../secrets/work.yaml;
|
|
|
|
services.openvpn.servers.hft = {
|
|
autoStart = false;
|
|
updateResolvConf = true;
|
|
|
|
config = ''
|
|
config ${secrets."work/ovpn".path}
|
|
askpass ${secrets."work/password".path}
|
|
'';
|
|
};
|
|
systemd.services.openvpn-hft.requires = ["yor-proxy.service"];
|
|
}
|