Official NixOS Wiki

OpenVPN: Difference between revisions

← Older edit
Perchun (talk | contribs)
6 edits
VisualWikitext
Bittner (talk | contribs)
6 edits
Add network-manager integration
Perchun (talk | contribs)
6 edits
Format using nixfmt
 
Line 6: Line 6:
   ...
   ...
   services.openvpn.servers = {
   services.openvpn.servers = {
     officeVPN  = { config = '' config /root/nixos/openvpn/officeVPN.conf ''; };
     officeVPN  = { config = "config /root/nixos/openvpn/officeVPN.conf"; };
     homeVPN    = { config = '' config /root/nixos/openvpn/homeVPN.conf ''; };
     homeVPN    = { config = "config /root/nixos/openvpn/homeVPN.conf"; };
     serverVPN  = { config = '' config /root/nixos/openvpn/serverVPN.conf ''; };
     serverVPN  = { config = "config /root/nixos/openvpn/serverVPN.conf"; };
   };
   };
   ...
   ...
Line 30: Line 30:
   services.openvpn.servers = {
   services.openvpn.servers = {
     officeVPN  = {
     officeVPN  = {
       config = '' config /root/nixos/openvpn/officeVPN.conf '';
       config = "config /root/nixos/openvpn/officeVPN.conf";
       updateResolvConf = true;
       updateResolvConf = true;
     };
     };
Line 67: Line 67:
     device = "//10.8.0.x/Share";
     device = "//10.8.0.x/Share";
     fsType = "cifs";
     fsType = "cifs";
     options = [ "noauto" "user" "uid=1000" "gid=100" "username=xxx" "password=xxx" "iocharset=utf8"
     options = [
       "x-systemd.requires=openvpn-officeVPN.service" ];
      "noauto"
      "user"
      "uid=1000"
      "gid=100"
      "username=xxx"
      "password=xxx"
      "iocharset=utf8"
       "x-systemd.requires=openvpn-officeVPN.service"
    ];
   };
   };
   fileSystems."/mnt/home" = {
   fileSystems."/mnt/home" = {
     device = "//10.9.0.x/Share";
     device = "//10.9.0.x/Share";
     fsType = "cifs";
     fsType = "cifs";
     options = [ "noauto" "user" "uid=1000" "gid=100" "username=xxx" "password=xxx" "iocharset=utf8"
     options = [
       "x-systemd.requires=openvpn-homeVPN.service" ];
      "noauto"
      "user"
      "uid=1000"
      "gid=100"
      "username=xxx"
      "password=xxx"
      "iocharset=utf8"
       "x-systemd.requires=openvpn-homeVPN.service"
    ];
   };
   };
   ...
   ...
Line 104: Line 120:
   vpn-dev = "tun0";
   vpn-dev = "tun0";
   port = 1194;
   port = 1194;
in {
in
{
   # sudo systemctl start nat
   # sudo systemctl start nat
   networking.nat = {
   networking.nat = {
     enable = true;
     enable = true;
     externalInterface = <your-server-out-if>;
     externalInterface = <your-server-out-if>;
     internalInterfaces = [ vpn-dev ];
     internalInterfaces = [ vpn-dev ];
   };
   };
   networking.firewall.trustedInterfaces = [ vpn-dev ];
   networking.firewall.trustedInterfaces = [ vpn-dev ];
Retrieved from "https://wiki.nixos.org/wiki/OpenVPN"