From 35b1126a9798cea570a063a6cd931b49fb0cc8b5 Mon Sep 17 00:00:00 2001
From: Dominik Polakovics <dominik.polakovics@cloonar.com>
Date: Thu, 7 Dec 2023 11:28:48 +0100
Subject: [PATCH] try vpnc script

---
 hosts/fw.cloonar.com/modules/openconnect.nix | 21 +++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/hosts/fw.cloonar.com/modules/openconnect.nix b/hosts/fw.cloonar.com/modules/openconnect.nix
index 61b03a7..8fe9127 100644
--- a/hosts/fw.cloonar.com/modules/openconnect.nix
+++ b/hosts/fw.cloonar.com/modules/openconnect.nix
@@ -1,4 +1,20 @@
-{ config, ... }: {
+{ config, pkgs, ... }:
+let
+  vpnc = { name, sha256 }:
+    stdenv.mkDerivation {
+      inherit name;
+      outputHashMode = "recursive";
+      outputHashAlgo = "sha256";
+      outputHash = sha256;
+      builder = writeShellScript "vpnc-script.sh" ''
+        #!/bin/sh
+        export INTERNAL_IP4_DNS=
+
+        . ${pkgs.vpnc-scripts}/vpnc-script
+      '';
+    };
+in
+{
   sops.secrets.wrwks_vpn_key = {};
 
   networking.openconnect.interfaces = {
@@ -7,6 +23,9 @@
       passwordFile = config.sops.secrets.wrwks_vpn_key.path;
       protocol = "anyconnect";
       user = "exdpolakovics@wrwks.local";
+      extraOptions = {
+        script = "${vpnc}/bin/vpnc-script.sh";
+      }
     };
   };
 }