aboutsummaryrefslogtreecommitdiff
path: root/modules/private/vpn/default.nix
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2021-10-16 17:40:07 +0200
committerIsmaël Bouya <ismael.bouya@normalesup.org>2021-10-16 20:20:45 +0200
commit4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0 (patch)
tree9a7ede9ac3f1899074e9ef568a447f883191d3b5 /modules/private/vpn/default.nix
parentda30ae4ffdd153a1eb32fb86f9ca9a65aa19e4e2 (diff)
downloadNix-4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0.tar.gz
Nix-4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0.tar.zst
Nix-4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0.zip
Use attrs for secrets instead of lists
Diffstat (limited to 'modules/private/vpn/default.nix')
-rw-r--r--modules/private/vpn/default.nix14
1 files changed, 6 insertions, 8 deletions
diff --git a/modules/private/vpn/default.nix b/modules/private/vpn/default.nix
index a9051af..d4b197d 100644
--- a/modules/private/vpn/default.nix
+++ b/modules/private/vpn/default.nix
@@ -8,22 +8,20 @@ in
8 }; 8 };
9 9
10 config = lib.mkIf cfg.enable { 10 config = lib.mkIf cfg.enable {
11 secrets.keys = [ 11 secrets.keys = {
12 { 12 "tinc/key.priv" = {
13 dest = "tinc/key.priv";
14 user = "root"; 13 user = "root";
15 group = "root"; 14 group = "root";
16 permissions = "0400"; 15 permissions = "0400";
17 text = config.myEnv.vpn.eldiron.privateKey; 16 text = config.myEnv.vpn.eldiron.privateKey;
18 } 17 };
19 { 18 "tinc/key.pub" = {
20 dest = "tinc/key.pub";
21 user = "root"; 19 user = "root";
22 group = "root"; 20 group = "root";
23 permissions = "0400"; 21 permissions = "0400";
24 text = config.myEnv.vpn.eldiron.publicKey; 22 text = config.myEnv.vpn.eldiron.publicKey;
25 } 23 };
26 ]; 24 };
27 networking.firewall.allowedTCPPorts = [ 655 1194 ]; 25 networking.firewall.allowedTCPPorts = [ 655 1194 ];
28 system.activationScripts.tinc = let 26 system.activationScripts.tinc = let
29 configFiles = pkgs.runCommand "tinc-files" { 27 configFiles = pkgs.runCommand "tinc-files" {
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-24 01:00:41 +0000