diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2021-10-16 17:40:07 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2021-10-16 20:20:45 +0200 |
commit | 4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0 (patch) | |
tree | 9a7ede9ac3f1899074e9ef568a447f883191d3b5 /modules/private/vpn | |
parent | da30ae4ffdd153a1eb32fb86f9ca9a65aa19e4e2 (diff) | |
download | Nix-4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0.tar.gz Nix-4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0.tar.zst Nix-4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0.zip |
Use attrs for secrets instead of lists
Diffstat (limited to 'modules/private/vpn')
-rw-r--r-- | modules/private/vpn/default.nix | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/modules/private/vpn/default.nix b/modules/private/vpn/default.nix index a9051af..d4b197d 100644 --- a/modules/private/vpn/default.nix +++ b/modules/private/vpn/default.nix | |||
@@ -8,22 +8,20 @@ in | |||
8 | }; | 8 | }; |
9 | 9 | ||
10 | config = lib.mkIf cfg.enable { | 10 | config = lib.mkIf cfg.enable { |
11 | secrets.keys = [ | 11 | secrets.keys = { |
12 | { | 12 | "tinc/key.priv" = { |
13 | dest = "tinc/key.priv"; | ||
14 | user = "root"; | 13 | user = "root"; |
15 | group = "root"; | 14 | group = "root"; |
16 | permissions = "0400"; | 15 | permissions = "0400"; |
17 | text = config.myEnv.vpn.eldiron.privateKey; | 16 | text = config.myEnv.vpn.eldiron.privateKey; |
18 | } | 17 | }; |
19 | { | 18 | "tinc/key.pub" = { |
20 | dest = "tinc/key.pub"; | ||
21 | user = "root"; | 19 | user = "root"; |
22 | group = "root"; | 20 | group = "root"; |
23 | permissions = "0400"; | 21 | permissions = "0400"; |
24 | text = config.myEnv.vpn.eldiron.publicKey; | 22 | text = config.myEnv.vpn.eldiron.publicKey; |
25 | } | 23 | }; |
26 | ]; | 24 | }; |
27 | networking.firewall.allowedTCPPorts = [ 655 1194 ]; | 25 | networking.firewall.allowedTCPPorts = [ 655 1194 ]; |
28 | system.activationScripts.tinc = let | 26 | system.activationScripts.tinc = let |
29 | configFiles = pkgs.runCommand "tinc-files" { | 27 | configFiles = pkgs.runCommand "tinc-files" { |