Got vpn server running

master
noah metz 2023-11-30 17:19:46 -07:00
parent cfb8ade09f
commit 51e6a0ca88
3 changed files with 10 additions and 10 deletions

1
.gitignore vendored

@ -1,2 +1,3 @@
.env
*.ldif
pki/

@ -1,4 +1,5 @@
(define-module (machines vpn.metznet.ca)
#:use-module (guix gexp)
#:use-module (gnu system)
#:use-module (gnu services)
#:use-module (gnu services certbot)
@ -13,6 +14,9 @@
(openvpn-server-configuration
(tls-auth "/etc/openvpn/ta.key")
(server "10.0.80.0 255.255.255.0")))
(simple-service 'vpn-server-etc etc-service-type
`(("openvpn/dh2048.pem" ,(local-file "dh2048.pem"))))
(service certbot-service-type
(certbot-configuration (email "admin@metznet.ca")
(certificates (list (certificate-configuration

@ -172,10 +172,10 @@
(symlink (string-append #$zsh "/bin/zsh") "/bin/zsh"))))
(define (metznet-etc-service configuration)
'(("/etc/openvpn/ta.key" (local-file "ta.key"))
("/etc/openvpn/ca.crt" (local-file "ca.crt"))
("/etc/openvpn/client.crt" (local-file "client.crt"))
("/etc/openvpn/client.key" (local-file "client.key"))))
`(("openvpn/ta.key" ,(local-file "ta.key"))
("openvpn/ca.crt" ,(local-file "ca.crt"))
("openvpn/client.crt" ,(local-file "client.crt"))
("openvpn/client.key" ,(local-file "client.key"))))
(define metznet-service-type
(service-type (name 'metznet-service)
@ -280,13 +280,8 @@
(targets '("/boot/efi"))
(keyboard-layout keyboard-layout)))
(file-systems (cons* (file-system
(mount-point "/boot/efi")
(device "/dev/vda1")
(type "vfat")
(check? #f))
(file-system
(mount-point "/")
(device "/dev/vda3")
(device (file-system-label "guixsd"))
(type "xfs")
(check? #f)) %base-file-systems))
(users %metznet-base-user-accounts)