stockholm/jeschli/1systems/bln/dcso-vpn.nix

with import <stockholm/lib>;
{ ... }:

{

  users.extraUsers = {
    dcsovpn = rec {
      name = "dcsovpn";
      uid = genid "dcsovpn";
      description = "user for running dcso openvpn";
      home = "/home/${name}";
    };
  };

  users.extraGroups.dcsovpn.gid = genid "dcsovpn";

  services.openvpn.servers = {
    dcso = {
      config = ''
        client
        dev tun
        tun-mtu 1356
        mssfix
        proto udp
        float
        remote 217.111.55.41 1194
        nobind
        user dcsovpn
        group dcsovpn
        persist-key
        persist-tun
        ca ${toString <secrets/dcsovpn/ca.pem>}
        cert ${toString <secrets/dcsovpn/cert.pem>}
        key ${toString <secrets/dcsovpn/cert.key>}
        verb 3
        mute 20
        auth-user-pass ${toString <secrets/dcsovpn/login.txt>}
        route-method exe
        route-delay 2
      '';
      updateResolvConf = true;
    };
  };
}
j bln: +dcso-vpn 2018-06-19 07:12:04 +00:00			`with import <stockholm/lib>;`
			`{ ... }:`

			`{`

			`users.extraUsers = {`
			`dcsovpn = rec {`
			`name = "dcsovpn";`
			`uid = genid "dcsovpn";`
			`description = "user for running dcso openvpn";`
			`home = "/home/${name}";`
			`};`
			`};`

			`users.extraGroups.dcsovpn.gid = genid "dcsovpn";`

			`services.openvpn.servers = {`
			`dcso = {`
			`config = ''`
			`client`
			`dev tun`
			`tun-mtu 1356`
			`mssfix`
			`proto udp`
			`float`
			`remote 217.111.55.41 1194`
			`nobind`
			`user dcsovpn`
			`group dcsovpn`
			`persist-key`
			`persist-tun`
			`ca ${toString <secrets/dcsovpn/ca.pem>}`
			`cert ${toString <secrets/dcsovpn/cert.pem>}`
			`key ${toString <secrets/dcsovpn/cert.key>}`
			`verb 3`
			`mute 20`
			`auth-user-pass ${toString <secrets/dcsovpn/login.txt>}`
			`route-method exe`
			`route-delay 2`
			`'';`
			`updateResolvConf = true;`
			`};`
			`};`
			`}`