1
0
Fork 0

remove dependency of vpn.nix on sops-nix

part of #24
This commit is contained in:
ibizaman 2024-02-07 22:53:57 -08:00
parent b90054f7bc
commit be4b09890e

View file

@ -232,7 +232,7 @@ in
type = lib.types.str;
};
sopsFile = lib.mkOption {
authFile = lib.mkOption {
description = "Location of file holding authentication secrets for provider.";
type = lib.types.anything;
};
@ -264,8 +264,7 @@ in
config = nordvpnConfig {
inherit name;
inherit (c) dev remoteServerIP;
authFile = config.sops.secrets."${name}/auth".path;
inherit (c) dev remoteServerIP authFile;
dependentServices = lib.optional (c.proxyPort != null) "tinyproxy-${name}.service";
};
};
@ -273,18 +272,6 @@ in
in
lib.mkMerge (lib.mapAttrsToList instanceConfig cfg);
sops.secrets =
let
instanceConfig = name: c: lib.mkIf c.enable {
"${name}/auth" = {
sopsFile = c.sopsFile;
mode = "0440";
restartUnits = [ "openvpn-${name}" ];
};
};
in
lib.mkMerge (lib.mapAttrsToList instanceConfig cfg);
systemd.tmpfiles.rules = map (name:
"d /tmp/openvpn/${name}.status 0700 root root"
) (lib.attrNames cfg);