l helios.r: add dcsovpn
This commit is contained in:
parent
4e6827b8cd
commit
ba663f0445
@ -11,6 +11,7 @@ with import <stockholm/lib>;
|
||||
<stockholm/lass/2configs/retiolum.nix>
|
||||
<stockholm/lass/2configs/otp-ssh.nix>
|
||||
<stockholm/lass/2configs/git.nix>
|
||||
<stockholm/lass/2configs/dcso-vpn.nix>
|
||||
{ # automatic hardware detection
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
|
44
lass/2configs/dcso-vpn.nix
Normal file
44
lass/2configs/dcso-vpn.nix
Normal file
@ -0,0 +1,44 @@
|
||||
with import <stockholm/lib>;
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
|
||||
users.extraUsers = {
|
||||
dcsovpn = rec {
|
||||
name = "dcsovpn";
|
||||
uid = genid "dcsovpn";
|
||||
description = "user for running dcso openvpn";
|
||||
home = "/home/${name}";
|
||||
};
|
||||
};
|
||||
|
||||
users.extraGroups.dcsovpn.gid = genid "dcsovpn";
|
||||
|
||||
services.openvpn.servers = {
|
||||
dcso = {
|
||||
config = ''
|
||||
client
|
||||
dev tun
|
||||
tun-mtu 1356
|
||||
mssfix
|
||||
proto udp
|
||||
float
|
||||
remote 217.111.55.41 1194
|
||||
nobind
|
||||
user dcsovpn
|
||||
group dcsovpn
|
||||
persist-key
|
||||
persist-tun
|
||||
ca ${toString <secrets/dcsovpn/ca.pem>}
|
||||
cert ${toString <secrets/dcsovpn/cert.pem>}
|
||||
key ${toString <secrets/dcsovpn/cert.key>}
|
||||
verb 3
|
||||
mute 20
|
||||
auth-user-pass ${toString <secrets/dcsovpn/login.txt>}
|
||||
route-method exe
|
||||
route-delay 2
|
||||
'';
|
||||
updateResolvConf = true;
|
||||
};
|
||||
};
|
||||
}
|
Loading…
Reference in New Issue
Block a user