53 lines
1.5 KiB
Nix
53 lines
1.5 KiB
Nix
{pkgs, ...}: let
|
|
# nordvpn = pkgs.callPackage ../pkgs/nordvpn.nix {};
|
|
# nordvpn-rofi = pkgs.callPackage ../pkgs/nordvpn-rofi.nix {};
|
|
in {
|
|
environment.systemPackages = with pkgs; [
|
|
nordvpn
|
|
nordvpn-rofi
|
|
];
|
|
|
|
users.groups.nordvpn = {};
|
|
|
|
# service definition
|
|
systemd.services.nordvpnd = {
|
|
enable = true;
|
|
description = "NordVPN Daemon";
|
|
wants = [ "nordvpnd.socket" ];
|
|
after = [ "network-pre.target" ];
|
|
wantedBy = [ "default.target" ];
|
|
|
|
serviceConfig = {
|
|
ExecStart = "${pkgs.nordvpn}/bin/nordvpnd";
|
|
NonBlocking = "true";
|
|
KillMode = "process";
|
|
Restart = "on-failure";
|
|
RestartSec = "5";
|
|
RuntimeDirectory = "nordvpn";
|
|
RuntimeDirectoryMode= "0750";
|
|
Group = "nordvpn";
|
|
# User = "root"; # uncomment if needed
|
|
};
|
|
};
|
|
|
|
# socket definition
|
|
systemd.sockets.nordvpnd = {
|
|
enable = true;
|
|
description = "NordVPN Daemon Socket";
|
|
partOf = [ "nordvpnd.service" ];
|
|
listenStreams = [ "/run/nordvpn/nordvpnd.sock" ];
|
|
socketConfig = {
|
|
NoDelay = "true";
|
|
SocketGroup = "nordvpn";
|
|
SocketMode = "0770";
|
|
DirectoryMode = "0750";
|
|
};
|
|
wantedBy = [ "sockets.target" ];
|
|
};
|
|
|
|
# system.activationScripts."nordvpn-settings".text = ''
|
|
# ${pkgs.nordvpn}/bin/nordvpn set dns 9.9.9.9 149.112.112.112 1.1.1.1
|
|
# ${pkgs.nordvpn}/bin/nordvpn allowlist add subnet 192.168.0.0/16
|
|
# '';
|
|
}
|