diff --git a/hosts/inspiron/default.nix b/hosts/inspiron/default.nix index f837940..e2e8ee4 100644 --- a/hosts/inspiron/default.nix +++ b/hosts/inspiron/default.nix @@ -22,7 +22,6 @@ sound.enable = true; vm.qemu.enable = true; flatpak.enable = true; - vpn.lgs.enable = true; comma.enable = true; sops.enable = true; printing.enable = true; diff --git a/hosts/inspiron/secrets.yaml b/hosts/inspiron/secrets.yaml index bad7637..9fc0c15 100644 --- a/hosts/inspiron/secrets.yaml +++ b/hosts/inspiron/secrets.yaml @@ -2,11 +2,6 @@ seb-password: ENC[AES256_GCM,data:LlW1njlY0tVfYne/NFM2KJbAPb4eAQgy0mPMIZAIPH5mdr iwd: WLAN-233151: ENC[AES256_GCM,data:qnP47hqkVVAWycWaradtJQ/AUu6Jqhh281az4lHp9Vo6bmRLWNga2vG0Sg==,iv:+pC6EVtgzxR//bMJCDyzmsBrT25pcGZ5sAEkUkohU5Y=,tag:tAokgFEzr2S5B4UreB5lPA==,type:str] Fairphone4: ENC[AES256_GCM,data:BUSZHUxLNPCVc+h8VvcGo11ZHt04s7HVDOh0oaSOl/oB4dQ=,iv:YGbX6sF2FtjPwuGQGcQutWz7TD4Lg8DG0zi7ddXCkas=,tag:cNKu8xvrLOGy4Vq7WIBFTg==,type:str] - LGS: ENC[AES256_GCM,data:4z+PGrKLi99dMvapF2crWhebrxyRaxgHdP+y34YHSTa2Rkz5uaSWiACAhamkCxphdFtojosO6kKuKIU4QFRsEyPNsQobSXRmvmFHcI7x0GAer8rj+9kMsIDMKAjObmaTR6YuKrVu9r6QO9Jz/cyKgte4yT5BPvvfDkWwf8X5UzvXUrz1dwwU968Pb0oWPYpsQe12YQwwtLb6hppJhZQ6VLPH4Q/9sMLanQlydgzCFmNI8w==,iv:6erAKGCFovdrNAAyRw7z+/Gt+m9LOHVKuxVaYt8PkVo=,tag:KRJ+BZQKCJL0uno9qRPRXw==,type:str] -vpn: - lgs: - crt: ENC[AES256_GCM,data:9Qlb3FocGtzE6YHaT3stDUqsdpW4mj8SnJ04LBiJLSxFxwRt8XTgdLcIhfBhrIRPkk3UEyX/JrELgvBa/3FdY07vOnXFN6wWGjolqmRRwf5hqtosJBzuvE5EQVQEntCbry0MJgXDVrnnQmibQyoAPaM2ac+oAQEKTH0tMN+jyB5lMhPrOyA2bneJpyr13ZpudJSHO8TvxiRdhNPCYJMlzLTRi+ojhg1xwq4jbR8FGkzYcnc7HAQxdGj4rtzvfF1LBtwfAlFIt08DaeFHYXE6iEBTRYmZlk6A3ezY3aKght57d6Sf/2UBBZ/eroeDFG4cSueZkVm8WaTchoCFdEO/ll1wljl7N0pzWaiwL0WGFPnFFewfMs3x/oh3o7b8aCpr3tclWLh8D5uqi0+1FJi3FF0ngZaPQaNnDUZznb3wIc35HfYHgd4sQ2wOeN0smHACMSnNodkeWi66KExWR9c2XPDnIJJFkehkJQoPSMypcJDV64+erZfroO7P0OfoVkqVfZKKDjV2msFyeSR4b2beJ1DAq54Q79IXXaz90XZGwqFJb5mj4bUZCbz3G6AnLVW/VdeIQrYsVcA1gqPVmsKnToTtJgb0ZNRW8F2Df75lXV1R/AoxpIotgsnQ2b2L0j/Pc907jK7efn4d3dVE8lIHBxV0PpWtH6ppNkkqAV5QIwiIlZwvjIGHrJ/uH+aZCmyw4AsR1VdgSa39vxZtTV5fSTFVTZZa7rQ5To8TUnUjjYT5kEX+u6Gu2yq0QiVQDsiau5OZqvi1Bjzkc3wlLRaFJSvNPkopQt1Yw62XOqVONhQDoXdcxRjNJgmvpzew4w7ccCGjhseEh48yRHdMq8KxTkkhuRucs/WqGOrxyGhTFVCpqneCOuEqEvSnwLZKv5M86TyoA6ZhfD6QIrYmwR4xlrtNMTCxdJOMpsGUYfDfMehL+y7NmyfTrJ/E5SENzttwV4RALNk25SJajXTroMcrL96c3M+d3qXM7s58hbcPfEiqKt6ZHTm0sUnOQa550oQ1xco/u2UKsy5GD/LLvGMuyq1cTzGz2C7PhDD5HvvdQ2I2nsKYSRRmwe5lV2/6qY6JLnlAI1fqJoN3uFUy5I719JQ8w0K1q+gq7FshZ4odEEynMsFZy2y4iSGL4MdKnLNk8dkBZhq0ZwJKPaH4iLDlzZyPQifg0NxKNTA5mU70GCTyr0NxmQqMLTYdrCg+Bz1R6vVcqOTIDz7PX+zvZzFLXa0b0WVcwiJy8acP3ACUZ+he+/m3qD28QyOQ3lsUMkJQHQuAywX+wz1HvqLcYEnKFkfiJpZW33qxrU7qjvrLzc9eKZkLqjdagA6t1TXx3gMT7ZuvfTzjn5KvTVG0KDd+XHVSpUojxB5ICAf+XYD41F4u++SAqnS/KYJOEI5sQL+eHzWxCXWDWlmttJXKBLH8DxRk+oUxR+GYWxobnEYfKg7wRm6fkAYxgU5A1JR8rdNcJtKL689Q57XdzjAhcK8a7fJAqG4fBBn3pPw4iEdGF970UD3tgfeUmtRUtaoeXmSpL2/lx1yibn6vOU4iRm5AcPZEAtJiZvGWFN2BGIHuM9TPB78sDSP8xwW3X1FBfbKnMtyxTfrYv4gQ/qBNbk+K7cUgzemB7jHiZfBG/VFrclkw0VSEOBWHPh8iXcdCqCr3zG9I6w7jEytXbZQaJ1+oJtjVD3Wdzqkuz0ZVqEghgyyx0QOcW+u25E+GTHou9XGWaHKp3UKArMvZPW5YLx6cmdqQv+S3LGCVkjrH+4XWwi+OfKlqwJKRI17wnXqcr/e2wSoqnC/PEgqfh22NK4pKPD4XgQiEhhI/nscvXPimcHf0kZ/1bfI5nRIHN+nvs8FEo0lLduoqaYEfG97MfIkIpjXjdhIA/ZVl3AIndTN4x3rPpp3ZI0Dath5tXUU+Kykd3OweWQ68pHW2gektgQaPzFuu8EXqCIyXYZt5byqXJMBbpzW1FqfLZ2QsY/ErXjRB6fzOwaryIr8mqN53MaqI84Ds3k1aqjt9zbHjUH7XevMBgnXd+UWyIpbB0Po8iGYjIeiLJ9DlVQ0y7TmJP3S6dtavRR7FrYwmxToBMEvZq3qXyB5WczfR4NeUZpXGAW91fRFn0RHJM6NdGlvWRRQJUtxRcxg7oIP+NJ1QVX/D9aL8UnzS8jfc2/MVOA==,iv:aqS/HpkOYCNmBHKWjJfGFyqhWJF9ZufL91ypK4fwkaQ=,tag:8WKxT6zHdkp3N5brtckoPA==,type:str] - key: ENC[AES256_GCM,data:DQLmzYLWTwR2kBvnxaPh1KyWKhxnfTO1bBmEBFZl16lAlGatLUXtUW+g37tCSRrgAVVgzYTBYQ9YKd0OicPIot3/rh6FsnpUmxW2C0GztgPxqejU+vwisbdfWuv2JFUbfAekhMvhfHWckoCZpSWqpSvOBa1MaHCyUArIPkhEo3B1opRxCx56k6W5RaoXxUId4imtu9z26G9aOQy9FqiFIWmW54UUa32wqEBbuByf1ycLjTR7d6/G/XslOIOXIFdntO3fX2VCHlBrrg7c/rOb3V7YvNMCqjBeYhjHePdySmDsq7arQks1gORzclEeWESS+gqAQX1kp0yGzobf2qDFmYMcw3XJIAtmnB50bc+xPC5ZUJnfoO1sELcRgdzQxKLq0LMq4r7PyoOh5RRhzobVkbtZKQJAiT12t1zg5FkzlutrMXZoWIevbLkkkK1F1OqdF39tJ+Rwm6WQ2XMh0YzEC6ndgkT5NL7+pLRPtzk8O8XBWjoZpL7wtN05J7cTPbIkI5oH0v8EhNx2cc8D2SXB9S/pdJWekx6kUaG/JRIteL7YI2M8JsYxEisFLlg0e+WDpvuGO+O9e3f5e/xgUouMVL5nCxfQmjY/gIFW5mI9OlrZJPvyNpsEXndTcx+S+AxVbcxbjtGpsOmEH6yDQJB4tBJBa4/IirWaMIRZNIRxZN/IzA+gActNOK8z4/xSj/7MTKWlTW5HigZVaZvqaC6jitxT59+TsS/v4VWkIrc829lx0T/wC+wzYGQ5HVWSZlxxuBBfibbUk7ZiF9YMZcBpSqQNA3Q1kAT6xCg=,iv:1MDyvxhRI7FkvQuA5iI19HaTJs3lCJw2sutlyF4GQiw=,tag:/BBc5sqZ/Cjapd/cEezlmA==,type:str] sops: kms: [] gcp_kms: [] @@ -31,8 +26,8 @@ sops: WlU1TjFDSHFzVU9TVWlNZVBJNkZabTQKkkgMlCEN84e1Syf9wB06CwToxZoE3CZi h369oefzYx06hEde06tU9UP7FtXRP0ktgZps4d+Fx4IkNJxoP6Ucuw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-21T17:56:11Z" - mac: ENC[AES256_GCM,data:rTTt8W4biTuzf8lkT6txlggpBhHEfv2XuSs/Mu3DU/y9TygQhmqpwbBjghLpYeeC+V+YTOKwmnPBu4FP147wJAL8tWqI7nY0EFGD5CSAF13bnBG2KE+KZGiI+SWi+uGFzBFsBbXDEbcJyt45/MUt8PTWiL9nea1x5Tt9hx02mn8=,iv:QDN5D5tCUrxgjcjk55DOPT+EaMTTLtq3QPqA3Tnne5w=,tag:FUNM9vgCSMv+T6SlIpyFCQ==,type:str] + lastmodified: "2024-06-19T15:25:56Z" + mac: ENC[AES256_GCM,data:VZN7uHdsKBqb//CLjBjz5nKmd4rKClrFCcb6q+GizaYMqiitmmiT8GkLo0FRQnLUBPC8bR/Q6s9mDq9d2PxUxjFEpx122ndhkG0iOyMfDqNg2jx7XexkPoo8tAOnzX9qzOZ9NQbIVWYU6iuz0z0uTTBkiFV+lZW3NFB8gYf571M=,iv:lR5L0FU25XfEU6xBZNZCfl6I7cGAqvLvCTnCgGfw6fk=,tag:0jUeRx1B9byPVSzrmSOEUQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/hosts/north/default.nix b/hosts/north/default.nix index 16df757..10a3180 100644 --- a/hosts/north/default.nix +++ b/hosts/north/default.nix @@ -18,7 +18,6 @@ sound.enable = true; vm.qemu.enable = true; - vpn.lgs.enable = true; comma.enable = true; sops.enable = true; printing.enable = true; diff --git a/hosts/north/secrets.yaml b/hosts/north/secrets.yaml index 6044536..721c38f 100644 --- a/hosts/north/secrets.yaml +++ b/hosts/north/secrets.yaml @@ -1,8 +1,4 @@ seb-password: ENC[AES256_GCM,data:vZml/awD9ieBCQQwYs9zZveqjDDzMxFH1PFKQ8qLlaiUgaWL2BmKf4RbuS/pkjNLHr/UkPM3d3rlW6WAlNvhZiMRE+naGwD1Mw==,iv:vORmRgBgZvdafRa8vFF4LL3fw44yZV3yNq3L8eOcQRI=,tag:B7jX2LV/vKpzFlvG0bnCVA==,type:str] -vpn: - lgs: - crt: ENC[AES256_GCM,data:P0I/ybuMRHLZyPF6hc7XIxtFWo7rE1JquHVYeglq3Vhbzjy7rVLUbh+Wq8XPgWcnjaTGIcU6vL+SLL+FUbQt4UsZTYOQ1E7Gw3msENnAM/6eV0yFrGYPkeKICB60fchLHEZy3Mbh7MF+QpA6vIt424uFE7rvTlfjTm1vtmL1utT+wMZ6F74WlrchEknlX9y8ZlO2jatnMbOM9hdAlISoXKi6jnM3ubJgsQ6GKFD8dINXSd2Qv6ljxau6cAnACnb4QU1zUPcXwExj6KvbS3j4nGUEY+sTozfXwPAzTaVC+Ji4zqAzJsttdkgn7AWEfiiPp0P1zNamMNzKxUhdIWzYanHzLlf/3bZAnExc3SQpkDGmubNQcqsD7sfGrdTI5bI0GFfSs/zGrS8jltpuar7LtO9cNi5/ZHtwsO9TWjGmmFS4T63834aA/Yb8pLNPMJRDD4qmjofrmXp/JYCgc2cuLrT4cLjUPulHnffKKGDpQb/WGpCTeBlfS9OiQJL43Eh1ygsP7LaYlW5VoLQXqy6bu0cZyeIyYSBWODieFoS2kkc7P0nK5dMh1EHq6itEDDMFU5H/2yKugu2xoWlWGi0tuXx7ZHgtylAw/n400fE7kfkKfEmRUr7HyaKpn+GOGQTnuQMXYLcJ7Rmt40KydbhP9X2+LeoAX0aUkmHUU+FP2/9aRZUNDKnB1FjEy0icFOpjTvkVUxm/KT4NnqOhpoh/pqCAncNZNs6tYCyyczmujeRt1KaWI4n5FMvYjPmEpybCH4EOe9Jq3RrdTpdziZqeQg3gbq4I6uSs63zS3GJoWICbO0NdVDoxwlROIlIjaq/8MfYybKdKiCzVb4wXT7N4WNekxAxmvcKk5cAHsmxOL8R9smwjNyIekYAPjOic2MQD0BDuIEmGWNflVSUbSe2xoiwirUwLrL0+pJTaKjJcabWNTg3w1Ie+9Aw1C/UqBRmiAQBjCGoMbAU5y7BFp8qCHSfEr6fnQSUYQUvyKt2Z2A9iYBmv8/5NVN13HSr0qDEIMhLkK0F2G80oTadJ1oEmn1zAI3UolioV51GgY7HFsSYxnr4kL31wIrF3LzKist9kOEwopoFify2Lh5eY5QZYF0qHyFGWKTnccnKXelfoXMm1hXu2eP2Jk0C4CFr2AXMGGYfzXf9i70K+eaquYnOpvSgq9BY2plTUHdvkw097NVmBI8W7xQF2WfLsFxKRRGZvkXFxWKPHxvt7Q4w7oFBL4OnRWanGaFZewPikBXwUFkcZ3DPtgjv4vCPkrM5q7jYni/Qu/p3vV/7obFORWKJuBssgINAx8kJB9I65kwk3mjipXA++hAvo5onkpTh09XLKnTHzhPQ6d5Y1m6/19GB5TpuH05AOfuztl1ZaG0GJ2yBdCzW81Yz/+MGehKLE60xuHFX+HUcCWULsLmFgfb96tLVI/tHc4wEyUsqT4sEm/JGPlQGSYkgP957BQAApfIoVcY/CeY0YJsCQ5u7JHLUGtxauoUwqPfTy49oVREhPqz4h/PDUd2mshIEjG/L0g2+P32iTGPPXUk0tu1wQA3AkWE07RKT+4IX9OusaOI/VO18bg3brf6/3wa+NSUplff5aseX/i9Cx9OtAJcc/eJmIoaA04KFGV6WmY8F5ZO2nA3MwS3OC5kr2BcyUQv7WJnsZSapGIlZ3CR3ni8jyRTKcM6LrwdUfvtkTK0PF1PAV9wyqNXayT+VptI50ohFoIPxgsVhi/4mg1O66VW2cQkOWnOYqulCuIA5Gav5QEowMDh+nDFcwvtCRXGv74JGP08kiHUvQOEes676fNuYC0wx1eajz4zQKijGQn3jMPNq+7FusR1jw6tHl2slSpjyJer7L5sr69JoHfhwhFa1INSOYjak86/IG/Stwd+B7n1Hz8lytzFbRcp53nxMO13o0Sex4/Yy6ECHz0Pnq5pEdf7S6vSiBNmun6ZtyB060AaTmAVi6VLt1BC8qxjhW+8r13Liy/fyHnEl62Asief4eGia9Pkuwq3S6yqoTCkLXKXEeYdKMQH6FOs5TwFVMUsPe0YW9tjumUK0dZ3H4z3calWlHt5KPlJn6oAVyvQG0P2/+W5nJJ/UsfE3547TvaQSnesyRsnz8F1+TLiqjKjYXOKtRAwTkS412tcDU36wDKco6aCmdnZTwYlHZw4ZxeQ==,iv:3ZJ9yT9swwsmuGlm9jY/4To38UUO7K8JTMUsGZxX4GM=,tag:6dlVVdMqgEhWOhBUizjgKg==,type:str] - key: ENC[AES256_GCM,data:8vHUUhxBWoSp5WHGUgrGCCSkJK3Ju+ShElhbictHRdNnJOKhWcVri5Yx4R8c/ZnXRRiqQBZFJIkoarsM3IOEEbXoFz1YCme3DjWeoWkql6U7YIBArvsh2dJK+E21+ksgdJmwozkM0yMEXBovEVEtrTTVSF+zJHLG7BI08Pk1R3k1IOKUaWHkA7NkHFFZj3udDM7BZ8Vwrps6kkusVCBswptrIZAPAQqAU+KkMhlxEJg2lsIbUqxd4pLj5yPDny34KXMXuaWY+WV2g7dSicrILb1n0XkAToPiQDKmNCi3cx/0ej70tyvk5TkUZy8hbIn4pTWhq85LEfKWAwWoN7+2sI3cjzlGTg8cphwLCRIHtZeXrwm5gFhKd4L1oX790PeAtRSo5YhVB3q+3jbOh5hpJ5NWMfvP2o2KN7vBwGG30cMcHoYaKPIF5aldKL193rEXmWmL8bkiCrx/h/t4lN5BWBGCPKobX5GpWMG9k3Z4VwaYg1BsYdiAUzrbzKdCKIFPgZ7VBMoMFFUm/4oHKq9hI5kUOK0IuJ+kEoernkcGCIkzSibKkljgUusIRIxZspXQXjX9weY7ZrDj58f3KtiG3Mp2CdvfyBxIDG/vr1/1CTD1LTtJZpWBbTN7BHQUPcA3Q+ioRa2W+i9+VoMLdTrYhXFjUr9eLMZlL1YithrMIn8NLHqjWpLwBtHYIxoriefSWUEM8aBKJFgHh5oZZFd1l/kZbu8aM18UZDVt6i8HJs2wmjwwkw73RV+QYPH/+Tc/qJvygcFVyMUYlMhbGfGzwpglFMuMhSPHTyA=,iv:yyDXKiPQgG70xzL3PW/ly9NcC0UAAH+v3hkdp+z7Zbs=,tag:PW/PZbPtH8XtSXSqB46jbw==,type:str] sops: kms: [] gcp_kms: [] @@ -27,8 +23,8 @@ sops: S04zMkpXT21GYTBSRFI2c1gyalZCK1UKtD6FA5BLLqnMAtVqYIujkM5qqMD524ck GipN/XwBhXSL98xrgaNmnN+Q46SNX0s41maGO624xvZMKZhObjxHIw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-02T22:17:31Z" - mac: ENC[AES256_GCM,data:8n1uxIbuCp9z5XML68jq65V3FGj6AVPq6y5BZhS5FGVc7fCSxQrxil+SYIWDDrMn5rp7DHM/t4hJf2TA4T3U7xwS1i63mPiIrwPl9+CiHPK/wMkm67c0Xh+RnRrXhCbl5wO08vZkp2D9pso7wV/52OOtMKax+O3K9wweZWNSef0=,iv:rbtXcGI1JQvBfTq4PJJTXmRz3IOiPyBDDTGtIICNFQY=,tag:7QQknmXBHKEcrco0So+ATg==,type:str] + lastmodified: "2024-06-19T15:25:19Z" + mac: ENC[AES256_GCM,data:0/Svom6EIyxR1mTOyFHMP6m1H7wO2s6VQNfLHtfQFoa3A7IC4gnqXR2yuro7Gf9C2mh8FIDwM3dxIHO+V0wpqQBdsYBEKPnaXSmAFHH9eZmF7FGHB6Y2V03/MyB0Iv1k5xWH77kkxMdeRxzkCYDyg1ADNbx/zvEHwTIEFsurSm4=,iv:e2+96ZKj0P5xv7jJfdxob3Hlr9THnnin4M+BIdSXBWU=,tag:5RR7eiLsQZlNBUjZ5qmEzw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/modules/system/default.nix b/modules/system/default.nix index 9a08257..60347f3 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -3,7 +3,6 @@ ./flatpak.nix ./vm.nix ./wlan.nix - ./vpn.nix ./comma.nix ./sops.nix ./bluetooth.nix diff --git a/modules/system/vpn.nix b/modules/system/vpn.nix deleted file mode 100644 index 047d3a5..0000000 --- a/modules/system/vpn.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ config, lib, ... }: -{ - options.myConfig.vpn.lgs.enable = lib.mkEnableOption ""; - - config = lib.mkIf config.myConfig.vpn.lgs.enable { - sops.secrets = { - "vpn/lgs/crt" = { }; - "vpn/lgs/key" = { }; - }; - - services.openvpn.servers.lgs = { - autoStart = false; - - config = '' - dev tap - persist-tun - persist-key - data-ciphers AES-128-GCM:AES-256-CBC - data-ciphers-fallback AES-256-CBC - auth SHA1 - tls-client - client - resolv-retry infinite - remote 194.9.190.11 1194 udp4 - nobind - auth-user-pass - ca ${config.sops.secrets."vpn/lgs/crt".path} - tls-auth ${config.sops.secrets."vpn/lgs/key".path} 1 - remote-cert-tls server - explicit-exit-notify - ''; - }; - }; -} diff --git a/modules/system/wlan.nix b/modules/system/wlan.nix index 07be244..65484eb 100644 --- a/modules/system/wlan.nix +++ b/modules/system/wlan.nix @@ -11,7 +11,6 @@ sops.secrets = { "iwd/WLAN-233151" = { }; "iwd/Fairphone4" = { }; - "iwd/LGS" = { }; }; networking.wireless.iwd = { @@ -27,7 +26,6 @@ systemd.tmpfiles.rules = [ "C /var/lib/iwd/WLAN-233151.psk 0600 root root - ${config.sops.secrets."iwd/WLAN-233151".path}" "C /var/lib/iwd/Fairphone4.psk 0600 root root - ${config.sops.secrets."iwd/Fairphone4".path}" - "C /var/lib/iwd/LGS.8021x 0600 root root - ${config.sops.secrets."iwd/LGS".path}" ]; environment.systemPackages = [ pkgs.iwgtk ];