rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2025-04-25 16:08:30 +02:00
Code Issues Projects Releases Packages Wiki Activity

thinkpad: remove declarative agdsn vpn

Browse source
This commit is contained in:
Rouven Seifert 2025-04-24 10:02:59 +02:00
parent 8178023c14
commit 7e2ec684ba
3 changed files with 0 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

23
hosts/thinkpad/modules/networks/uni.nix
View file

@ -1,7 +1,6 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
{ {
age.secrets = { age.secrets = {
agdsn.file = ../../../../secrets/thinkpad/agdsn.age;
dyport-auth = { dyport-auth = {
file = ../../../../secrets/thinkpad/dyport-auth.age; file = ../../../../secrets/thinkpad/dyport-auth.age;
}; };
@ -104,28 +103,6 @@
}; };
}; };
systemd.services = { systemd.services = {
openfortivpn-agdsn = {
description = "AG DSN Fortinet VPN";
script = "${pkgs.openfortivpn}/bin/openfortivpn vpn.agdsn.de:443 --realm admin-vpn -u r5 -p $(cat $CREDENTIALS_DIRECTORY/password) --trusted-cert 82ed105286f02f4308f3c525a4034caed6cb738c3336f0f1da52421d419c87a9";
requires = [ "network-online.target" ];
after = [ "network.target" "network-online.target" ];
serviceConfig = {
Type = "simple";
LoadCredential = [
"password:${config.age.secrets.agdsn.path}"
];
ProtectSystem = true;
ProtectKernelLogs = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectHome = true;
ProtectClock = true;
PrivateTmp = true;
LockPersonality = true;
};
};
# fix systemd dependencies for supplicant services # fix systemd dependencies for supplicant services
"supplicant-lan@" = { "supplicant-lan@" = {
wantedBy = lib.mkForce [ ]; wantedBy = lib.mkForce [ ];

1
secrets.nix
View file

@ -7,7 +7,6 @@ in
{ {
# thinkpad # thinkpad
"secrets/thinkpad/wireless.age".publicKeys = [ rouven thinkpad ]; "secrets/thinkpad/wireless.age".publicKeys = [ rouven thinkpad ];
"secrets/thinkpad/agdsn.age".publicKeys = [ rouven thinkpad ];
"secrets/thinkpad/dyport-auth.age".publicKeys = [ rouven thinkpad ]; "secrets/thinkpad/dyport-auth.age".publicKeys = [ rouven thinkpad ];
"secrets/thinkpad/wireguard/dorm/private.age".publicKeys = [ rouven thinkpad ]; "secrets/thinkpad/wireguard/dorm/private.age".publicKeys = [ rouven thinkpad ];
"secrets/thinkpad/wireguard/dorm/preshared.age".publicKeys = [ rouven thinkpad ]; "secrets/thinkpad/wireguard/dorm/preshared.age".publicKeys = [ rouven thinkpad ];

7
secrets/thinkpad/agdsn.age
View file

@ -1,7 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 uWbAHQ X/P87D8iMo5RKTEU8pZt+xG9Ebx64cDHAX/n4ks8egA
9zcpVqoCnDDs27SjbjNW+mJF+o/svGy0v0JNJxDTegU
-> ssh-ed25519 EVzt9Q v6gZYjKb/gisiCyeKKHRA0xlcAO2oFEomu2oRPuf6S8
uw0LguP73eWbx+NX6DHJK6kzoxj7jIc1OBYPAOBLY0o
--- Zus0cOOXQVwuzHkYRm7IpKVqG1KxgflB9sLOrFP56Ks
‚Ò¢#œîe\>ÝJ$惊{Yç¿•µ±,;?<18><><EFBFBD>XìÁ<C3AC>%½‹·>Úž<C39A>Aï`Nó`ØýzûÍ