32 lines
714 B
Nix
32 lines
714 B
Nix
{ config, pkgs, ... }:
|
|
let
|
|
vpnc = { name, sha256 }:
|
|
stdenv.mkDerivation {
|
|
inherit name;
|
|
outputHashMode = "recursive";
|
|
outputHashAlgo = "sha256";
|
|
outputHash = sha256;
|
|
builder = writeShellScript "vpnc-script.sh" ''
|
|
#!/bin/sh
|
|
export INTERNAL_IP4_DNS=
|
|
|
|
. ${pkgs.vpnc-scripts}/vpnc-script
|
|
'';
|
|
};
|
|
in
|
|
{
|
|
sops.secrets.wrwks_vpn_key = {};
|
|
|
|
networking.openconnect.interfaces = {
|
|
wrwks = {
|
|
gateway = "vpn.wrwks.at";
|
|
passwordFile = config.sops.secrets.wrwks_vpn_key.path;
|
|
protocol = "anyconnect";
|
|
user = "exdpolakovics@wrwks.local";
|
|
extraOptions = {
|
|
script = "${vpnc}/bin/vpnc-script.sh";
|
|
}
|
|
};
|
|
};
|
|
}
|