37 lines
801 B
Nix
37 lines
801 B
Nix
{ pkgs, config, lib, ... }:
|
|
|
|
let
|
|
cfg = config.modules.system.vpns;
|
|
in
|
|
{
|
|
options.modules.system.vpns = {
|
|
enable = lib.mkEnableOption "enables vpns";
|
|
|
|
# toggle for pia mexico w/ openvpn
|
|
openvpn_pia_mexico = lib.mkOption {
|
|
type = lib.types.bool;
|
|
default = false;
|
|
description = "enable pia vpn to mexico using openvpn";
|
|
};
|
|
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
|
|
# enable pia mexico w/ openvpn
|
|
config = lib.mkIf cfg.openvpn_pia_mexico {
|
|
services.openvpn.servers.pia-mexico = {
|
|
enable = true;
|
|
config = config.sops.secrets."openvpn_pia_mexico_config".path;
|
|
sops.secrets = {
|
|
"openvpn_pia_mexico_config" = {
|
|
owner = root;
|
|
group = root;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
};
|
|
}
|