restructure home manager

2025-10-15 20:48:38 -05:00
parent cc23884880
commit 9fabb9143e
7 changed files with 845 additions and 27 deletions
--- a/modules/system/vpn-confinement/default.nix
+++ b/modules/system/vpn-confinement/default.nix
@@ -1,12 +1,17 @@
-{ pkgs, config, lib, ... }:
-
-let
-  cfg = config.system.vpn-confinement;
-in
 {
+  pkgs,
+  config,
+  lib,
+  inputs,
+  ...
+}: let
+  cfg = config.system.vpn-confinement;
+in {
+  imports = [inputs.vpn-confinement.nixosModules.default];
+
  options.system.vpn-confinement = {
    enable = lib.mkEnableOption "enables vpn-confinement";
-  
+
    # toggle for mullvad mexico w/ openvpn
    vpncon_mex = lib.mkOption {
      type = lib.types.bool;
@@ -16,7 +21,6 @@ in
  };

  config = lib.mkIf cfg.enable {
-    
    # Define VPN network namespace
    vpnNamespaces.wgmex = {
      enable = true;
@@ -25,17 +29,25 @@ in
        "10.0.0.0/8"
      ];
      portMappings = [
-        { from = 7103; to = 7103; }
+        {
+          from = 7103;
+          to = 7103;
+        }
+      ];
+      openVPNPorts = [
+        {
+          port = 51820;
+          protocol = "both";
+        }
      ];
-      openVPNPorts = [{
-        port = 51820;
-        protocol = "both";
-      }];
    };

    # secrets only if VPN is enabled
    sops.secrets = {
-      "vpncon_mex_config" = { owner = "root"; group = "root"; };
+      "vpncon_mex_config" = {
+        owner = "root";
+        group = "root";
+      };
    };
- };
+  };
 }