MetzNet
/
metznet-channel
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Got vpn server running

master
noah metz 2023-11-30 17:19:46 -07:00
parent cfb8ade09f
commit 51e6a0ca88
3 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
Unescape Escape View File

@ -1,2 +1,3 @@
.env .env
*.ldif *.ldif
pki/

4
machines/vpn.metznet.ca.scm
Unescape Escape View File

@ -1,4 +1,5 @@
(define-module (machines vpn.metznet.ca) (define-module (machines vpn.metznet.ca)
#:use-module (guix gexp)
#:use-module (gnu system) #:use-module (gnu system)
#:use-module (gnu services) #:use-module (gnu services)
#:use-module (gnu services certbot) #:use-module (gnu services certbot)
@ -13,6 +14,9 @@
(openvpn-server-configuration (openvpn-server-configuration
(tls-auth "/etc/openvpn/ta.key") (tls-auth "/etc/openvpn/ta.key")
(server "10.0.80.0 255.255.255.0"))) (server "10.0.80.0 255.255.255.0")))
(simple-service 'vpn-server-etc etc-service-type
`(("openvpn/dh2048.pem" ,(local-file "dh2048.pem"))))
(service certbot-service-type (service certbot-service-type
(certbot-configuration (email "admin@metznet.ca") (certbot-configuration (email "admin@metznet.ca")
(certificates (list (certificate-configuration (certificates (list (certificate-configuration

15
system/base-system.scm
Unescape Escape View File

@ -172,10 +172,10 @@
(symlink (string-append #$zsh "/bin/zsh") "/bin/zsh")))) (symlink (string-append #$zsh "/bin/zsh") "/bin/zsh"))))
(define (metznet-etc-service configuration) (define (metznet-etc-service configuration)
'(("/etc/openvpn/ta.key" (local-file "ta.key")) `(("openvpn/ta.key" ,(local-file "ta.key"))
("/etc/openvpn/ca.crt" (local-file "ca.crt")) ("openvpn/ca.crt" ,(local-file "ca.crt"))
("/etc/openvpn/client.crt" (local-file "client.crt")) ("openvpn/client.crt" ,(local-file "client.crt"))
("/etc/openvpn/client.key" (local-file "client.key")))) ("openvpn/client.key" ,(local-file "client.key"))))
(define metznet-service-type (define metznet-service-type
(service-type (name 'metznet-service) (service-type (name 'metznet-service)
@ -280,13 +280,8 @@
(targets '("/boot/efi")) (targets '("/boot/efi"))
(keyboard-layout keyboard-layout))) (keyboard-layout keyboard-layout)))
(file-systems (cons* (file-system (file-systems (cons* (file-system
(mount-point "/boot/efi")
(device "/dev/vda1")
(type "vfat")
(check? #f))
(file-system
(mount-point "/") (mount-point "/")
(device "/dev/vda3") (device (file-system-label "guixsd"))
(type "xfs") (type "xfs")
(check? #f)) %base-file-systems)) (check? #f)) %base-file-systems))
(users %metznet-base-user-accounts) (users %metznet-base-user-accounts)