forked from colonelpanic/dotfiles
[NixOS] Fix L2TP configuration for dfinity VPN
This commit is contained in:
parent
9ae2396809
commit
49bb9fdc7f
@ -41,8 +41,14 @@ in
|
||||
|
||||
# Security and networking
|
||||
security.sudo.wheelNeedsPassword = false;
|
||||
|
||||
environment.etc."ipsec.secrets".text = ''
|
||||
include ipsec.d/ipsec.nm-l2tp.secrets
|
||||
'';
|
||||
networking.networkmanager = {
|
||||
enable = true;
|
||||
enableStrongSwan = true;
|
||||
packages = [ pkgs.networkmanager-l2tp ];
|
||||
extraConfig = ''
|
||||
[main]
|
||||
rc-manager=resolvconf
|
||||
@ -312,20 +318,7 @@ in
|
||||
|
||||
services.locate.enable = true;
|
||||
|
||||
# services.lorri.enable = true;
|
||||
systemd.user.services.lorri = {
|
||||
description = "Lorri Daemon";
|
||||
requires = [ "lorri.socket" ];
|
||||
after = [ "lorri.socket" ];
|
||||
path = with pkgs; [ config.nix.package gnutar gzip gitFull ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.lorri}/bin/lorri daemon";
|
||||
PrivateTmp = true;
|
||||
ProtectSystem = "strict";
|
||||
ProtectHome = "read-only";
|
||||
Restart = "on-failure";
|
||||
};
|
||||
};
|
||||
services.lorri.enable = true;
|
||||
|
||||
services.xserver = {
|
||||
exportConfiguration = true;
|
||||
@ -396,6 +389,7 @@ in
|
||||
shell = pkgs.zsh;
|
||||
};
|
||||
};
|
||||
nix.trustedUsers = ["imalison"];
|
||||
|
||||
system.stateVersion = "18.03";
|
||||
}
|
||||
|
@ -1,7 +1,10 @@
|
||||
{
|
||||
nix = {
|
||||
trustedBinaryCaches = [ https://nix.oregon.dfinity.build ];
|
||||
binaryCachePublicKeys = [ "hydra.oregon.dfinity.build-2:KMTixHrh9DpAjF/0xU/49VEtNuGzQ71YaVIUSOLUaCM=" ];
|
||||
binaryCachePublicKeys = [
|
||||
"hydra.oregon.dfinity.build-2:KMTixHrh9DpAjF/0xU/49VEtNuGzQ71YaVIUSOLUaCM="
|
||||
"cache.dfinity.systems-1:IcOn/2SVyPGOi8i3hKhQOlyiSQotiOBKwTFmyPX5YNw="
|
||||
];
|
||||
};
|
||||
networking.extraHosts =
|
||||
''
|
||||
|
Loading…
Reference in New Issue
Block a user