]> git.immae.eu Git - perso/Immae/Config/Nix.git/blobdiff - systems/eldiron/vpn/default.nix
projects / perso / Immae / Config / Nix.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Squash changes containing private information
[perso/Immae/Config/Nix.git] / systems / eldiron / vpn / default.nix
diff --git a/modules/private/vpn/default.nix b/systems/eldiron/vpn/default.nix
similarity index 61%
rename from modules/private/vpn/default.nix
rename to systems/eldiron/vpn/default.nix
index d4b197d2e9fc3bb33ebd4697788941bb3660c0c6..df56249f7ed4e15fa4b8c5cf900869f3b165a18b 100644 (file)
--- a/modules/private/vpn/default.nix
+++ b/systems/eldiron/vpn/default.nix
@@ -8,6 +8,33 @@ in
   };
 
   config = lib.mkIf cfg.enable {
+    myServices.dns.zones."immae.eu".subdomains.vpn = with config.myServices.dns.helpers;
+      ips servers.eldiron.ips.main // {
+        subdomains.gw.AAAA = [ "${config.myEnv.vpn.eldiron.prefix}:0:ffff:1" ];
+        # Fake address to designate the subnet
+        subdomains.sn.AAAA = [ "${config.myEnv.vpn.eldiron.prefix}::" ];
+      };
+    myServices.chatonsProperties.hostings.vpn = {
+      file.datetime = "2022-08-27T18:00:00";
+      hosting = {
+        name = "VPN";
+        description = "VPN";
+        website = "https://vpn.immae.eu";
+        logo = "https://tinc-vpn.org/favicon.ico";
+        status.level = "OK";
+        status.description = "OK";
+        registration.load = "FULL";
+        install.type = "PACKAGE";
+      };
+      software = {
+        name = "tinc";
+        website = "https://tinc-vpn.org/";
+        license.url = "https://www.gnu.org/licenses/old-licenses/gpl-2.0.html";
+        license.name = "GNU General Public License v2.0";
+        version = pkgs.tinc.version;
+        source.url = "https://tinc-vpn.org/git/browse?p=tinc";
+      };
+    };
     secrets.keys = {
       "tinc/key.priv" = {
         user = "root";
@@ -52,7 +79,7 @@ in
       description = "Tinc Daemon - Immae";
       wantedBy = [ "multi-user.target" ];
       after = [ "network.target" ];
-      path = [ pkgs.tinc pkgs.bashInteractive pkgs.iproute pkgs.gnused pkgs.gawk pkgs.git pkgs.glibc ];
+      path = [ pkgs.getent pkgs.tinc pkgs.bashInteractive pkgs.iproute pkgs.gnused pkgs.gawk pkgs.git pkgs.glibc ];
       serviceConfig = {
         Slice = "tinc.slice";
         Type = "simple";
My infrastructure configuration