swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

chore: code cleanup (nixpkgs-fmt style)

Browse source
This commit is contained in:
Swarsel 2024-07-20 00:21:55 +02:00
parent 2a08576697
commit dc66bb27dd
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
44 changed files with 1152 additions and 1138 deletions
Download patch file Download diff file Expand all files Collapse all files

8
profiles/server1/TEMPLATE/nixos.nix
View file

@ -1,8 +1,6 @@
{ pkgs, modulesPath, ... }:
{
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix")
];
@ -18,7 +16,7 @@
xkbVariant = "altgr-intl";
};
nix.settings.experimental-features = ["nix-command" "flakes"];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
proxmoxLXC = {
manageNetwork = true; # manage network myself

14
profiles/server1/calibre/hardware-configuration.nix
View file

@ -1,20 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{lib, ...}: {
imports = [];
{ lib, ... }: {
imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/mapper/pve-vm--120--disk--0";
fsType = "ext4";
};
swapDevices = [];
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

15
profiles/server1/calibre/nixos.nix
View file

@ -1,9 +1,6 @@
{ config, pkgs, modulesPath, ... }:
{
config,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix
@ -30,13 +27,13 @@
xkbVariant = "altgr-intl";
};
nix.settings.experimental-features = ["nix-command" "flakes"];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
sops = {
age.sshKeyPaths = ["/etc/ssh/sops"];
age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/.dotfiles/secrets/calibre/secrets.yaml";
validateSopsFiles = false;
secrets.kavita = {owner = "kavita";};
secrets.kavita = { owner = "kavita"; };
};
proxmoxLXC = {
manageNetwork = true; # manage network myself
@ -68,4 +65,6 @@
port = 8080;
tokenKeyFile = config.sops.secrets.kavita.path;
};
}

14
profiles/server1/jellyfin/hardware-configuration.nix
View file

@ -1,13 +1,13 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{lib, ...}: {
imports = [];
{ lib, ... }: {
imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/mapper/pve-vm--121--disk--0";
@ -19,7 +19,7 @@
fsType = "cifs";
};
swapDevices = [];
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

14
profiles/server1/jellyfin/nixos.nix
View file

@ -1,9 +1,6 @@
{ config, pkgs, modulesPath, ... }:
{
config,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix
@ -24,7 +21,7 @@
};
users.users.jellyfin = {
extraGroups = ["video" "render"];
extraGroups = [ "video" "render" ];
};
services.xserver = {
@ -32,7 +29,7 @@
xkbVariant = "altgr-intl";
};
nix.settings.experimental-features = ["nix-command" "flakes"];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
proxmoxLXC = {
manageNetwork = true; # manage network myself
@ -59,7 +56,7 @@
};
nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
};
hardware.graphics = {
enable = true;
@ -76,4 +73,5 @@
user = "jellyfin";
# openFirewall = true; # this works only for the default ports
};
}

14
profiles/server1/matrix/hardware-configuration.nix
View file

@ -1,20 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{lib, ...}: {
imports = [];
{ lib, ... }: {
imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/mapper/pve-vm--102--disk--0";
fsType = "ext4";
};
swapDevices = [];
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

47
profiles/server1/matrix/nixos.nix
View file

@ -1,12 +1,10 @@
{
config,
pkgs,
modulesPath,
sops,
...
}: let
{ config, pkgs, modulesPath, sops, ... }:
let
matrixDomain = "matrix2.swarsel.win";
in {
in
{
services = {
xserver = {
layout = "us";
@ -15,16 +13,14 @@ in {
openssh = {
enable = true;
settings.PermitRootLogin = "yes";
listenAddresses = [
{
port = 22;
addr = "0.0.0.0";
}
];
listenAddresses = [{
port = 22;
addr = "0.0.0.0";
}];
};
};
nix.settings.experimental-features = ["nix-command" "flakes"];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
proxmoxLXC = {
manageNetwork = true; # manage network myself
@ -46,6 +42,7 @@ in {
nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;";
};
imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix
@ -67,15 +64,15 @@ in {
];
sops = {
age.sshKeyPaths = ["/etc/ssh/sops"];
age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/.dotfiles/secrets/matrix/secrets.yaml";
validateSopsFiles = false;
secrets = {
matrixsharedsecret = {owner = "matrix-synapse";};
mautrixtelegram_as = {owner = "matrix-synapse";};
mautrixtelegram_hs = {owner = "matrix-synapse";};
mautrixtelegram_api_id = {owner = "matrix-synapse";};
mautrixtelegram_api_hash = {owner = "matrix-synapse";};
matrixsharedsecret = { owner = "matrix-synapse"; };
mautrixtelegram_as = { owner = "matrix-synapse"; };
mautrixtelegram_hs = { owner = "matrix-synapse"; };
mautrixtelegram_api_id = { owner = "matrix-synapse"; };
mautrixtelegram_api_hash = { owner = "matrix-synapse"; };
};
templates = {
"matrix_user_register.sh".content = ''
@ -139,13 +136,13 @@ in {
listeners = [
{
port = 8008;
bind_addresses = ["0.0.0.0"];
bind_addresses = [ "0.0.0.0" ];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{
names = ["client" "federation"];
names = [ "client" "federation" ];
compress = true;
}
];
@ -261,6 +258,7 @@ in {
domain = matrixDomain;
};
appservice = {
address = "http://localhost:29328";
hostname = "0.0.0.0";
port = 29328;
@ -287,7 +285,7 @@ in {
# messages out after a while.
systemd.timers."restart-bridges" = {
wantedBy = ["timers.target"];
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "1d";
OnUnitActiveSec = "1d";
@ -306,4 +304,5 @@ in {
User = "root";
};
};
}

14
profiles/server1/nginx/hardware-configuration.nix
View file

@ -1,20 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{lib, ...}: {
imports = [];
{ lib, ... }: {
imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/mapper/pve-vm--119--disk--0";
fsType = "ext4";
};
swapDevices = [];
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

16
profiles/server1/nginx/nixos.nix
View file

@ -1,9 +1,5 @@
{ config, pkgs, modulesPath, ... }:
{
config,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix
@ -22,13 +18,13 @@
xkbVariant = "altgr-intl";
};
nix.settings.experimental-features = ["nix-command" "flakes"];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
sops = {
age.sshKeyPaths = ["/etc/ssh/sops"];
age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/.dotfiles/secrets/nginx/secrets.yaml";
validateSopsFiles = false;
secrets.dnstokenfull = {owner = "acme";};
secrets.dnstokenfull = { owner = "acme"; };
templates."certs.secret".content = ''
CF_DNS_API_TOKEN=${config.sops.placeholder.dnstokenfull}
'';
@ -73,6 +69,7 @@
recommendedOptimisation = true;
recommendedGzipSettings = true;
virtualHosts = {
"stash.swarsel.win" = {
enableACME = true;
forceSSL = true;
@ -110,6 +107,7 @@
};
};
"sound.swarsel.win" = {
enableACME = true;
forceSSL = true;
@ -199,6 +197,8 @@
};
};
};
};
};
}

14
profiles/server1/paperless/hardware-configuration.nix
View file

@ -1,20 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{lib, ...}: {
imports = [];
{ lib, ... }: {
imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/mapper/pve-vm--117--disk--0";
fsType = "ext4";
};
swapDevices = [];
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

29
profiles/server1/paperless/nixos.nix
View file

@ -1,14 +1,14 @@
{ config, pkgs, modulesPath, ... }:
{
config,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix
];
services = {
xserver = {
layout = "us";
@ -17,16 +17,14 @@
openssh = {
enable = true;
settings.PermitRootLogin = "yes";
listenAddresses = [
{
port = 22;
addr = "0.0.0.0";
}
];
listenAddresses = [{
port = 22;
addr = "0.0.0.0";
}];
};
};
nix.settings.experimental-features = ["nix-command" "flakes"];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
proxmoxLXC = {
manageNetwork = true; # manage network myself
@ -48,6 +46,8 @@
nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;";
};
users.groups.lxc_shares = {
gid = 10000;
members = [
@ -68,10 +68,10 @@
};
sops = {
age.sshKeyPaths = ["/etc/ssh/sops"];
age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/root/.dotfiles/secrets/paperless/secrets.yaml";
validateSopsFiles = false;
secrets.admin = {owner = "paperless";};
secrets.admin = { owner = "paperless"; };
};
services.paperless = {
@ -90,4 +90,5 @@
};
};
};
}

16
profiles/server1/sound/hardware-configuration.nix
View file

@ -1,18 +1,18 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{lib, ...}: {
imports = [];
{ lib, ... }: {
imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/mnt/data/images/118/vm-118-disk-0.raw";
fsType = "ext4";
options = ["loop"];
options = [ "loop" ];
};
fileSystems."/media" = {
@ -20,7 +20,7 @@
fsType = "cifs";
};
swapDevices = [];
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

34
profiles/server1/sound/nixos.nix
View file

@ -1,14 +1,14 @@
{ config, pkgs, modulesPath, ... }:
{
config,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix
];
services = {
xserver = {
layout = "us";
@ -17,16 +17,14 @@
openssh = {
enable = true;
settings.PermitRootLogin = "yes";
listenAddresses = [
{
port = 22;
addr = "0.0.0.0";
}
];
listenAddresses = [{
port = 22;
addr = "0.0.0.0";
}];
};
};
nix.settings.experimental-features = ["nix-command" "flakes"];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
proxmoxLXC = {
manageNetwork = true; # manage network myself
@ -48,6 +46,8 @@
nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;";
};
proxmoxLXC.privileged = true; # manage hostname myself
users = {
@ -65,7 +65,7 @@
gid = 61593;
};
mpd = {};
mpd = { };
};
users = {
@ -73,13 +73,13 @@
isSystemUser = true;
uid = 61593;
group = "navidrome";
extraGroups = ["audio" "utmp"];
extraGroups = [ "audio" "utmp" ];
};
mpd = {
isSystemUser = true;
group = "mpd";
extraGroups = ["audio" "utmp"];
extraGroups = [ "audio" "utmp" ];
};
};
};
@ -103,10 +103,10 @@
];
sops = {
age.sshKeyPaths = ["/etc/ssh/sops"];
age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/.dotfiles/secrets/sound/secrets.yaml";
validateSopsFiles = false;
secrets.mpdpass = {owner = "mpd";};
secrets.mpdpass = { owner = "mpd"; };
};
services.navidrome = {

14
profiles/server1/spotifyd/hardware-configuration.nix
View file

@ -1,20 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{lib, ...}: {
imports = [];
{ lib, ... }: {
imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/mapper/pve-vm--123--disk--0";
fsType = "ext4";
};
swapDevices = [];
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

26
profiles/server1/spotifyd/nixos.nix
View file

@ -1,13 +1,14 @@
{ pkgs, modulesPath, ... }:
{
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix
];
services = {
xserver = {
layout = "us";
@ -16,16 +17,14 @@
openssh = {
enable = true;
settings.PermitRootLogin = "yes";
listenAddresses = [
{
port = 22;
addr = "0.0.0.0";
}
];
listenAddresses = [{
port = 22;
addr = "0.0.0.0";
}];
};
};
nix.settings.experimental-features = ["nix-command" "flakes"];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
proxmoxLXC = {
manageNetwork = true; # manage network myself
@ -47,6 +46,8 @@
nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;";
};
proxmoxLXC.privileged = true; # manage hostname myself
users.groups.spotifyd = {
@ -57,7 +58,7 @@
isSystemUser = true;
uid = 65136;
group = "spotifyd";
extraGroups = ["audio" "utmp"];
extraGroups = [ "audio" "utmp" ];
};
sound = {
@ -88,4 +89,5 @@
};
};
};
}

14
profiles/server1/transmission/hardware-configuration.nix
View file

@ -1,20 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{lib, ...}: {
imports = [];
{ lib, ... }: {
imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/mapper/pve-vm--122--disk--0";
fsType = "ext4";
};
swapDevices = [];
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

85
profiles/server1/transmission/nixos.nix
View file

@ -1,9 +1,6 @@
{ config, pkgs, modulesPath, ... }:
{
config,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix
@ -32,7 +29,7 @@
"root"
];
};
users.groups.vpn = {};
users.groups.vpn = { };
users.users.vpn = {
isNormalUser = true;
@ -45,15 +42,15 @@
xkbVariant = "altgr-intl";
};
nix.settings.experimental-features = ["nix-command" "flakes"];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
sops = {
age.sshKeyPaths = ["/etc/ssh/sops"];
age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/.dotfiles/secrets/transmission/secrets.yaml";
validateSopsFiles = false;
};
boot.kernelModules = ["tun"];
boot.kernelModules = [ "tun" ];
proxmoxLXC = {
manageNetwork = true; # manage network myself
manageHostName = false; # manage hostname myself
@ -90,36 +87,39 @@
'';
};
environment.etc = {
"openvpn/iptables.sh" = {
source = ../../../scripts/server1/iptables.sh;
mode = "0755";
};
"openvpn/update-resolv-conf" = {
source = ../../../scripts/server1/update-resolv-conf;
mode = "0755";
};
"openvpn/routing.sh" = {
source = ../../../scripts/server1/routing.sh;
mode = "0755";
};
"openvpn/ca.rsa.2048.crt" = {
source = ../../../secrets/certs/ca.rsa.2048.crt;
mode = "0644";
};
"openvpn/crl.rsa.2048.pem" = {
source = ../../../secrets/certs/crl.rsa.2048.pem;
mode = "0644";
};
"openvpn/iptables.sh" =
{
source = ../../../scripts/server1/iptables.sh;
mode = "0755";
};
"openvpn/update-resolv-conf" =
{
source = ../../../scripts/server1/update-resolv-conf;
mode = "0755";
};
"openvpn/routing.sh" =
{
source = ../../../scripts/server1/routing.sh;
mode = "0755";
};
"openvpn/ca.rsa.2048.crt" =
{
source = ../../../secrets/certs/ca.rsa.2048.crt;
mode = "0644";
};
"openvpn/crl.rsa.2048.pem" =
{
source = ../../../secrets/certs/crl.rsa.2048.pem;
mode = "0644";
};
};
services.openssh = {
enable = true;
settings.PermitRootLogin = "yes";
listenAddresses = [
{
port = 22;
addr = "0.0.0.0";
}
];
listenAddresses = [{
port = 22;
addr = "0.0.0.0";
}];
};
users.users.root.openssh.authorizedKeys.keyFiles = [
../../../secrets/keys/authorized_keys
@ -177,12 +177,12 @@
'';
};
secrets = {
vpnuser = {};
rpcuser = {owner = "vpn";};
vpnpass = {};
rpcpass = {owner = "vpn";};
vpnprot = {};
vpnloc = {};
vpnuser = { };
rpcuser = { owner = "vpn"; };
vpnpass = { };
rpcpass = { owner = "vpn"; };
vpnprot = { };
vpnloc = { };
};
};
services.openvpn.servers = {
@ -199,6 +199,7 @@
user = "vpn";
group = "lxc_shares";
settings = {
alt-speed-down = 8000;
alt-speed-enabled = false;
alt-speed-time-begin = 0;
@ -269,4 +270,6 @@
utp-enabled = false;
};
};
}