forked from colonelpanic/dotfiles
[NixOS] Fix L2TP configuration for dfinity VPN
This commit is contained in:
parent
9ae2396809
commit
49bb9fdc7f
@ -41,8 +41,14 @@ in
|
|||||||
|
|
||||||
# Security and networking
|
# Security and networking
|
||||||
security.sudo.wheelNeedsPassword = false;
|
security.sudo.wheelNeedsPassword = false;
|
||||||
|
|
||||||
|
environment.etc."ipsec.secrets".text = ''
|
||||||
|
include ipsec.d/ipsec.nm-l2tp.secrets
|
||||||
|
'';
|
||||||
networking.networkmanager = {
|
networking.networkmanager = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
enableStrongSwan = true;
|
||||||
|
packages = [ pkgs.networkmanager-l2tp ];
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
[main]
|
[main]
|
||||||
rc-manager=resolvconf
|
rc-manager=resolvconf
|
||||||
@ -312,20 +318,7 @@ in
|
|||||||
|
|
||||||
services.locate.enable = true;
|
services.locate.enable = true;
|
||||||
|
|
||||||
# services.lorri.enable = true;
|
services.lorri.enable = true;
|
||||||
systemd.user.services.lorri = {
|
|
||||||
description = "Lorri Daemon";
|
|
||||||
requires = [ "lorri.socket" ];
|
|
||||||
after = [ "lorri.socket" ];
|
|
||||||
path = with pkgs; [ config.nix.package gnutar gzip gitFull ];
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = "${pkgs.lorri}/bin/lorri daemon";
|
|
||||||
PrivateTmp = true;
|
|
||||||
ProtectSystem = "strict";
|
|
||||||
ProtectHome = "read-only";
|
|
||||||
Restart = "on-failure";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
services.xserver = {
|
services.xserver = {
|
||||||
exportConfiguration = true;
|
exportConfiguration = true;
|
||||||
@ -396,6 +389,7 @@ in
|
|||||||
shell = pkgs.zsh;
|
shell = pkgs.zsh;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
nix.trustedUsers = ["imalison"];
|
||||||
|
|
||||||
system.stateVersion = "18.03";
|
system.stateVersion = "18.03";
|
||||||
}
|
}
|
||||||
|
@ -1,7 +1,10 @@
|
|||||||
{
|
{
|
||||||
nix = {
|
nix = {
|
||||||
trustedBinaryCaches = [ https://nix.oregon.dfinity.build ];
|
trustedBinaryCaches = [ https://nix.oregon.dfinity.build ];
|
||||||
binaryCachePublicKeys = [ "hydra.oregon.dfinity.build-2:KMTixHrh9DpAjF/0xU/49VEtNuGzQ71YaVIUSOLUaCM=" ];
|
binaryCachePublicKeys = [
|
||||||
|
"hydra.oregon.dfinity.build-2:KMTixHrh9DpAjF/0xU/49VEtNuGzQ71YaVIUSOLUaCM="
|
||||||
|
"cache.dfinity.systems-1:IcOn/2SVyPGOi8i3hKhQOlyiSQotiOBKwTFmyPX5YNw="
|
||||||
|
];
|
||||||
};
|
};
|
||||||
networking.extraHosts =
|
networking.extraHosts =
|
||||||
''
|
''
|
||||||
|
Loading…
Reference in New Issue
Block a user