42 lines
977 B
Nix
42 lines
977 B
Nix
{ config, pkgs, stdenv, ... }:
|
|
let
|
|
vpnc = pkgs.writeShellScript "vpnc" ''
|
|
export INTERNAL_IP4_DNS=
|
|
. ${pkgs.vpnc-scripts}/bin/vpnc-script
|
|
'';
|
|
in
|
|
{
|
|
sops.secrets.wrwks_vpn_key = {};
|
|
|
|
networking.openconnect.interfaces = {
|
|
wrwks = {
|
|
gateway = "vpn.wrwks.at";
|
|
passwordFile = config.sops.secrets.wrwks_vpn_key.path;
|
|
protocol = "anyconnect";
|
|
user = "exdpolakovics@wrwks.local";
|
|
extraOptions = {
|
|
authgroup = "WRWKS-SSL-VPN-Service";
|
|
script = "${vpnc}";
|
|
};
|
|
};
|
|
};
|
|
|
|
|
|
systemd.services.openconnect-wrwks-keepalive = {
|
|
serviceConfig.Type = "oneshot";
|
|
path = with pkgs; [ bash inetutils ];
|
|
script = ''
|
|
ping -c 2 stage.wsw.at
|
|
'';
|
|
};
|
|
|
|
systemd.timers.openconnect-wrwks-keepalive = {
|
|
wantedBy = [ "timers.target" ];
|
|
partOf = [ "openconnect-wrwks-keepalive.service" ];
|
|
timerConfig = {
|
|
OnCalendar = "*:0/1";
|
|
Unit = "openconnect-wrwks-keepalive.service";
|
|
};
|
|
};
|
|
}
|