From f819e30b03dffcf9e74af4b8552e4a8ab8f54c58 Mon Sep 17 00:00:00 2001 From: Jon Santmyer Date: Fri, 29 Sep 2023 14:22:24 -0400 Subject: major reorganizing to seperate modules --- modules/vpn/default.nix | 3 +++ modules/vpn/mullvad/default.nix | 49 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 modules/vpn/default.nix create mode 100644 modules/vpn/mullvad/default.nix (limited to 'modules/vpn') diff --git a/modules/vpn/default.nix b/modules/vpn/default.nix new file mode 100644 index 0000000..6640ba6 --- /dev/null +++ b/modules/vpn/default.nix @@ -0,0 +1,3 @@ +[ + ./mullvad +] diff --git a/modules/vpn/mullvad/default.nix b/modules/vpn/mullvad/default.nix new file mode 100644 index 0000000..c6c9038 --- /dev/null +++ b/modules/vpn/mullvad/default.nix @@ -0,0 +1,49 @@ +{ config, lib, pkgs, user, ... }: +with lib; +{ + options = { + mullvad-vpn = { + enable = mkOption { + type = types.bool; + default = false; + }; + }; + }; + + config = mkIf (config.mullvad-vpn.enable) + { + services.openvpn = { + servers = { + MullvadVPN-US-Miami = { + config = '' +client +dev tun +resolv-retry infinite +nobind +persist-key +persist-tun +verb 3 +remote-cert-tls server +ping 10 +ping-restart 60 +sndbuf 524288 +rcvbuf 524288 +cipher AES-256-GCM +tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 +proto udp +auth-user-pass /etc/nixos/secrets/mullvad_us_mia/mullvad_userpass.txt +ca /etc/nixos/secrets/mullvad_us_mia/mullvad_ca.crt +tun-ipv6 +script-security 2 +up /etc/nixos/secrets/mullvad_us_mia/update-resolv-conf +down /etc/nixos/secrets/mullvad_us_mia/update-resolv-conf +fast-io +remote-random +remote 146.70.187.194 1302 # us-mia-ovpn-101 +remote 146.70.183.66 1302 # us-mia-ovpn-102 + ''; + }; + }; + }; + }; +} -- cgit v1.2.1