aboutsummaryrefslogtreecommitdiff
path: root/flake.nix
diff options
context:
space:
mode:
Diffstat (limited to 'flake.nix')
-rw-r--r--flake.nix155
1 files changed, 100 insertions, 55 deletions
diff --git a/flake.nix b/flake.nix
index 6f04811..734ea11 100644
--- a/flake.nix
+++ b/flake.nix
@@ -10,70 +10,115 @@
nixpkgs,
self,
}:
- flake-utils.lib.eachDefaultSystem (system: {
- nixosModules.default =
- { config, ... }:
- {
- options.services.pia = {
- enable = nixpkgs.lib.mkOption {
- default = false;
- type = nixpkgs.lib.types.bool;
- };
+ flake-utils.lib.eachDefaultSystem (
+ system:
+ let
+ pkgs = import nixpkgs {
+ inherit system;
+ };
+
+ lib = pkgs.lib;
+ in
+ {
+ packages =
+ let
+ makeShellScript =
+ name: action:
+ pkgs.writeScriptBin name ''
+ #!${pkgs.runtimeShell}
+
+ if [ "$(id -u)" -ne 0 ]; then
+ exec sudo "$0" "$@"
+ fi
+
+ ${action}
+ '';
+ in
+ {
+ pia-start = makeShellScript "pia-start" "sudo systemctl start openvpn-$1.service";
+ pia-stop = makeShellScript "pia-stop" "sudo systemctl stop openvpn-$1.service";
+ pia-list = makeShellScript "pia-list" "ls /etc/systemd/system/ | awk '/openvpn/ {gsub(/openvpn-|.service/, \"\"); print}'";
- authUserPass = {
- username = nixpkgs.lib.mkOption {
+ pia-search = makeShellScript "pia-search" "${
+ lib.getExe self.packages.${system}.pia-list
+ } | ${lib.getExe pkgs.fzf}";
+ };
+
+ nixosModules.default =
+ { config, ... }:
+ {
+ options.services.pia = {
+ enable = nixpkgs.lib.mkOption {
default = false;
- type = nixpkgs.lib.types.str;
+ type = nixpkgs.lib.types.bool;
};
- password = nixpkgs.lib.mkOption {
- default = false;
- type = nixpkgs.lib.types.str;
+ authUserPass = {
+ username = nixpkgs.lib.mkOption {
+ default = false;
+ type = nixpkgs.lib.types.str;
+ };
+
+ password = nixpkgs.lib.mkOption {
+ default = false;
+ type = nixpkgs.lib.types.str;
+ };
};
};
- };
- config = nixpkgs.lib.mkIf config.services.pia.enable {
- services.openvpn.servers =
- let
- resources = nixpkgs.legacyPackages.${system}.fetchzip {
- name = "pia-vpn-config";
- url = "https://www.privateinternetaccess.com/openvpn/openvpn.zip";
- sha256 = "ZA8RS6eIjMVQfBt+9hYyhaq8LByy5oJaO9Ed+x8KtW8=";
- stripRoot = false;
- };
- in
- builtins.listToAttrs (
- map
- (name: {
- name =
- (builtins.replaceStrings
- [
- ".ovpn"
- "_"
- ]
- [
- ""
- "-"
- ]
- )
- name;
+ config = nixpkgs.lib.mkIf config.services.pia.enable {
+ environment.systemPackages =
+ let
+ piaPackages = self.packages.${system};
+ in
+ [
+ piaPackages.pia-start
+ piaPackages.pia-stop
+ piaPackages.pia-list
+ piaPackages.pia-search
+ ];
- value = {
- inherit (config.services.pia) authUserPass;
+ services.openvpn.servers =
+ let
+ resources = nixpkgs.legacyPackages.${system}.fetchzip {
+ name = "pia-vpn-config";
+ url = "https://www.privateinternetaccess.com/openvpn/openvpn.zip";
+ sha256 = "ZA8RS6eIjMVQfBt+9hYyhaq8LByy5oJaO9Ed+x8KtW8=";
+ stripRoot = false;
+ };
+ in
+ builtins.listToAttrs (
+ map
+ (name: {
+ name =
+ (builtins.replaceStrings
+ [
+ ".ovpn"
+ "_"
+ ]
+ [
+ ""
+ "-"
+ ]
+ )
+ name;
- autoStart = false;
- config = "config ${resources}/${name}";
- updateResolvConf = true;
- };
- })
- (
- builtins.filter (name: (builtins.match ".+ovpn$" name) != null) (
- builtins.attrNames (builtins.readDir resources)
+ value = {
+ inherit (config.services.pia) authUserPass;
+
+ autoStart = false;
+ config = "config ${resources}/${name}";
+ updateResolvConf = true;
+ };
+ })
+ (
+ builtins.filter (name: (builtins.match ".+ovpn$" name) != null) (
+ builtins.attrNames (builtins.readDir resources)
+ )
)
- )
- );
+ );
+ };
};
- };
- });
+ }
+ );
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-28 13:15:22 +0000