feat(nixos/alpha): enable nm-mullvad

author: sefidel <contact@sefidel.net> 2023-09-19 01:26:42 +0900
committer: sefidel <contact@sefidel.net> 2023-09-19 01:26:42 +0900
commit: 303d436f49fff97672afafaa47afaa1895e7f379 (patch)
tree: 6235686e7e4e7f14a799926a6bc23f85d2ae8a44 /nixos/alpha/configuration.nix
parent: 9084e40de72042f10c78b5a423b415bad0a53179 (diff)
download: nixrc-303d436f49fff97672afafaa47afaa1895e7f379.tar.gz
nixrc-303d436f49fff97672afafaa47afaa1895e7f379.zip
1 files changed, 27 insertions, 0 deletions
diff --git a/nixos/alpha/configuration.nix b/nixos/alpha/configuration.nix
index d5912d9..d15baec 100644
--- a/nixos/alpha/configuration.nix
+++ b/nixos/alpha/configuration.nix
@@ -64,6 +64,33 @@
   networking.useDHCP = false;
   networking.firewall.enable = true;
 
+  sops.secrets.mullvad-private-key = { };
+  sops.secrets.mullvad-ipv4-address = { };
+  sops.secrets.mullvad-ipv6-address = { };
+
+  networking.networkmanager.nm-mullvad = {
+    enable = true;
+
+    listenPort = 51820;
+    openFirewall = true;
+
+    autoConnect = {
+      enable = true;
+      profile = "jp-tyo-wg-001";
+    };
+
+    availableServers = [
+      "jp-tyo-wg-001"
+      "jp-osa-wg-002"
+      "se-mma-wg-001"
+      "se-sto-wg-002"
+    ];
+
+    privateKeyPath = config.sops.secrets.mullvad-private-key.path;
+    ipv4AddressPath = config.sops.secrets.mullvad-ipv4-address.path;
+    ipv6AddressPath = config.sops.secrets.mullvad-ipv6-address.path;
+  };
+
   programs.nm-applet.enable = true;
 
   i18n.defaultLocale = "en_US.UTF-8";
author	sefidel <contact@sefidel.net>	2023-09-19 01:26:42 +0900
committer	sefidel <contact@sefidel.net>	2023-09-19 01:26:42 +0900
commit	303d436f49fff97672afafaa47afaa1895e7f379 (patch)
tree	6235686e7e4e7f14a799926a6bc23f85d2ae8a44 /nixos/alpha/configuration.nix
parent	9084e40de72042f10c78b5a423b415bad0a53179 (diff)
download	nixrc-303d436f49fff97672afafaa47afaa1895e7f379.tar.gz nixrc-303d436f49fff97672afafaa47afaa1895e7f379.zip