Moved vpn services to vpn-services variable so they can be modified

master
noah metz 2023-12-01 18:02:10 -07:00
parent 8978b00640
commit bef5e59857
1 changed files with 24 additions and 19 deletions

@ -6,29 +6,34 @@
#:use-module (gnu services vpn) #:use-module (gnu services vpn)
#:use-module (system base-system) #:use-module (system base-system)
#:export (vpn.metznet.ca)) #:export (vpn.metznet.ca vpn-services))
(define-public vpn-services
(append (list (service openvpn-server-service-type
(openvpn-server-configuration (tls-auth
"/etc/openvpn/ta.key")
(server
"10.0.80.0 255.255.255.0")))
(simple-service 'vpn-server-etc etc-service-type
(let ((pki-dir (getenv "VPN_PKI_DIR")))
(if pki-dir
`(("openvpn/dh2048.pem" ,(local-file (string-append
pki-dir
"/dh2048.pem"))))
`())))
(service certbot-service-type
(certbot-configuration (email "admin@metznet.ca")
(certificates (list (certificate-configuration
(domains '
("vpn.metznet.ca"))))))))
(modify-services %metznet-server-services
(delete openvpn-client-service-type))))
(define-public vpn.metznet.ca (define-public vpn.metznet.ca
(operating-system (operating-system
(inherit %metznet-base-server-system) (inherit %metznet-base-server-system)
(host-name "vpn.metznet.ca") (host-name "vpn.metznet.ca")
(services (services
(append (list (service openvpn-server-service-type vpn-services)))
(openvpn-server-configuration (tls-auth
"/etc/openvpn/ta.key")
(server
"10.0.80.0 255.255.255.0")))
(simple-service 'vpn-server-etc etc-service-type
(let ((pki-dir (getenv "VPN_PKI_DIR")))
(if pki-dir
`(("openvpn/dh2048.pem" ,(local-file (string-append pki-dir "/dh2048.pem"))))
`())))
(service certbot-service-type
(certbot-configuration (email "admin@metznet.ca")
(certificates (list (certificate-configuration
(domains '
("vpn.metznet.ca"))))))))
(modify-services %metznet-server-services
(delete openvpn-client-service-type))))))