remove dependency of vpn.nix on sops-nix

part of #24
2024-02-07 22:53:57 -08:00 · 2024-02-07 22:53:57 -08:00 · be4b09890e
commit be4b09890e
parent b90054f7bc
1 changed files with 2 additions and 15 deletions
--- a/modules/blocks/vpn.nix
+++ b/modules/blocks/vpn.nix
@ -232,7 +232,7 @@ in
            type = lib.types.str;
          };

-          sopsFile = lib.mkOption {
+          authFile = lib.mkOption {
            description = "Location of file holding authentication secrets for provider.";
            type = lib.types.anything;
          };
@ -264,8 +264,7 @@ in

            config = nordvpnConfig {
              inherit name;
-              inherit (c) dev remoteServerIP;
-              authFile = config.sops.secrets."${name}/auth".path;
+              inherit (c) dev remoteServerIP authFile;
              dependentServices = lib.optional (c.proxyPort != null) "tinyproxy-${name}.service";
            };
          };
@ -273,18 +272,6 @@ in
      in
        lib.mkMerge (lib.mapAttrsToList instanceConfig cfg);

-    sops.secrets =
-      let
-        instanceConfig = name: c: lib.mkIf c.enable {
-          "${name}/auth" = {
-            sopsFile = c.sopsFile;
-            mode = "0440";
-            restartUnits = [ "openvpn-${name}" ];
-          };
-        };
-      in
-        lib.mkMerge (lib.mapAttrsToList instanceConfig cfg);
-
    systemd.tmpfiles.rules = map (name:
      "d /tmp/openvpn/${name}.status 0700 root root"
    ) (lib.attrNames cfg);