diff options
| author | Jon Santmyer <jon@jonsantmyer.com> | 2023-09-29 14:22:24 -0400 |
|---|---|---|
| committer | Jon Santmyer <jon@jonsantmyer.com> | 2023-09-29 14:22:24 -0400 |
| commit | f819e30b03dffcf9e74af4b8552e4a8ab8f54c58 (patch) | |
| tree | c05f4f1db738d6cd9d2824b5000c6afc3b1d61d1 /modules/vpn/mullvad | |
| parent | d3bb6cbb4724bc8f18f72fa3fea3e65f73ae8d09 (diff) | |
| download | nix-config-f819e30b03dffcf9e74af4b8552e4a8ab8f54c58.tar.gz nix-config-f819e30b03dffcf9e74af4b8552e4a8ab8f54c58.tar.bz2 nix-config-f819e30b03dffcf9e74af4b8552e4a8ab8f54c58.zip | |
major reorganizing to seperate modules
Diffstat (limited to 'modules/vpn/mullvad')
| -rw-r--r-- | modules/vpn/mullvad/default.nix | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/modules/vpn/mullvad/default.nix b/modules/vpn/mullvad/default.nix new file mode 100644 index 0000000..c6c9038 --- /dev/null +++ b/modules/vpn/mullvad/default.nix @@ -0,0 +1,49 @@ +{ config, lib, pkgs, user, ... }: +with lib; +{ + options = { + mullvad-vpn = { + enable = mkOption { + type = types.bool; + default = false; + }; + }; + }; + + config = mkIf (config.mullvad-vpn.enable) + { + services.openvpn = { + servers = { + MullvadVPN-US-Miami = { + config = '' +client +dev tun +resolv-retry infinite +nobind +persist-key +persist-tun +verb 3 +remote-cert-tls server +ping 10 +ping-restart 60 +sndbuf 524288 +rcvbuf 524288 +cipher AES-256-GCM +tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 +proto udp +auth-user-pass /etc/nixos/secrets/mullvad_us_mia/mullvad_userpass.txt +ca /etc/nixos/secrets/mullvad_us_mia/mullvad_ca.crt +tun-ipv6 +script-security 2 +up /etc/nixos/secrets/mullvad_us_mia/update-resolv-conf +down /etc/nixos/secrets/mullvad_us_mia/update-resolv-conf +fast-io +remote-random +remote 146.70.187.194 1302 # us-mia-ovpn-101 +remote 146.70.183.66 1302 # us-mia-ovpn-102 + ''; + }; + }; + }; + }; +} |