{pkgs, ...}: let # nordvpn = pkgs.callPackage ../pkgs/nordvpn.nix {}; # nordvpn-rofi = pkgs.callPackage ../pkgs/nordvpn-rofi.nix {}; in { environment.systemPackages = with pkgs; [ nordvpn nordvpn-rofi ]; users.groups.nordvpn = {}; # service definition systemd.services.nordvpnd = { enable = true; description = "NordVPN Daemon"; wants = [ "nordvpnd.socket" ]; after = [ "network-pre.target" ]; wantedBy = [ "default.target" ]; serviceConfig = { ExecStart = "${pkgs.nordvpn}/bin/nordvpnd"; NonBlocking = "true"; KillMode = "process"; Restart = "on-failure"; RestartSec = "5"; RuntimeDirectory = "nordvpn"; RuntimeDirectoryMode= "0750"; Group = "nordvpn"; # User = "root"; # uncomment if needed }; }; # socket definition systemd.sockets.nordvpnd = { enable = true; description = "NordVPN Daemon Socket"; partOf = [ "nordvpnd.service" ]; listenStreams = [ "/run/nordvpn/nordvpnd.sock" ]; socketConfig = { NoDelay = "true"; SocketGroup = "nordvpn"; SocketMode = "0770"; DirectoryMode = "0750"; }; wantedBy = [ "sockets.target" ]; }; # system.activationScripts."nordvpn-settings".text = '' # ${pkgs.nordvpn}/bin/nordvpn set dns 9.9.9.9 149.112.112.112 1.1.1.1 # ${pkgs.nordvpn}/bin/nordvpn allowlist add subnet 192.168.0.0/16 # ''; }