changes

2024-10-16 20:24:40 +02:00
parent b7bfb0f62a
commit c681eb3139
110 changed files with 2924 additions and 720 deletions
--- a/hosts/fw-new/modules/openconnect.nix
+++ b/hosts/fw-new/modules/openconnect.nix
@@ -0,0 +1,41 @@
+{ config, pkgs, stdenv, ... }:
+let
+  vpnc = pkgs.writeShellScript "vpnc" ''
+    export INTERNAL_IP4_DNS=
+    . ${pkgs.vpnc-scripts}/bin/vpnc-script
+  '';
+in
+{
+  sops.secrets.wrwks_vpn_key = {};
+
+  networking.openconnect.interfaces = {
+    wrwks = {
+      gateway = "vpn.wrwks.at";
+      passwordFile = config.sops.secrets.wrwks_vpn_key.path;
+      protocol = "anyconnect";
+      user = "exdpolakovics@wrwks.local";
+      extraOptions = {
+        authgroup = "WRWKS-SSL-VPN-Service";
+        script = "${vpnc}";
+      };
+    };
+  };
+
+
+  systemd.services.openconnect-wrwks-keepalive = {
+    serviceConfig.Type = "oneshot";
+    path = with pkgs; [ bash inetutils ];
+    script = ''
+      ping -c 2 stage.wsw.at
+    '';
+  };
+
+  systemd.timers.openconnect-wrwks-keepalive = {
+    wantedBy = [ "timers.target" ];
+    partOf = [ "openconnect-wrwks-keepalive.service" ];
+    timerConfig = {
+      OnCalendar = "*:0/1";
+      Unit = "openconnect-wrwks-keepalive.service";
+    };
+  };
+}