2022-07-15 13:11:54 +02:00
|
|
|
{ config
|
|
|
|
, lib
|
|
|
|
, pkgs
|
|
|
|
, ...
|
|
|
|
}:
|
2022-05-26 13:45:06 +02:00
|
|
|
|
2022-07-15 13:11:54 +02:00
|
|
|
with lib;
|
|
|
|
let
|
|
|
|
cfg = config.my.services.openconnect;
|
|
|
|
in
|
2022-05-26 13:45:06 +02:00
|
|
|
{
|
2022-07-15 13:11:54 +02:00
|
|
|
options.my.services.openconnect = {
|
|
|
|
enable = mkOption {
|
|
|
|
default = false;
|
|
|
|
type = types.bool;
|
|
|
|
example = true;
|
2022-05-26 13:45:06 +02:00
|
|
|
};
|
|
|
|
};
|
2022-07-15 13:11:54 +02:00
|
|
|
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
|
|
networking.openconnect.interfaces = {
|
|
|
|
university = {
|
|
|
|
autoStart = false;
|
|
|
|
gateway = "vpn.uni-leipzig.de";
|
|
|
|
protocol = "anyconnect";
|
|
|
|
user = "mb18cele@uni-leipzig.de";
|
|
|
|
# NOTE file content as follows:
|
|
|
|
# <my_password>
|
|
|
|
# "1-Standard-Uni" or "2-Spezial-Alles"
|
|
|
|
# Explanation:
|
|
|
|
# 1-Standard-Uni = Uni Dienste über VPN (Standard)
|
|
|
|
# 2-Spezial-Alles = Gesamter Datenverkehr über VPN (Spezial)
|
|
|
|
passwordFile = "/run/agenix/uniVPN";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
age.secrets.uniVPN = {
|
|
|
|
file = ../../secrets/uni-vpn.age;
|
|
|
|
owner = "1000";
|
|
|
|
};
|
2022-05-26 13:45:06 +02:00
|
|
|
};
|
|
|
|
}
|