refactor sops/vpn into modules

6 files changed, 8 insertions, 108 deletions

diff --git a/hosts/shinji/default.nix b/hosts/shinji/default.nix
index cbe6834..405e0c9 100644
--- a/hosts/shinji/default.nix
+++ b/hosts/shinji/default.nix
@@ -3,8 +3,6 @@
 {pkgs, ...}: {
   imports = [
     ./hardware.nix
-    ./sops.nix
-    ./wireguard.nix
   ];
 
   # options
@@ -92,6 +90,10 @@
     docker.enable = true;
     qemu.enable = true;
   };
+  vpn = {
+    enable = true;
+    ip = "10.3.0.3/32";
+  };
 
   # modules
   amdgpu.enable = true;
diff --git a/hosts/shinji/sops.nix b/hosts/shinji/sops.nix
deleted file mode 100644
index 9169bbc..0000000
--- a/hosts/shinji/sops.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{
-  config,
-  pkgs,
-  inputs,
-  ...
-}: {
-  imports = [
-    inputs.sops-nix.nixosModules.sops
-  ];
-
-  environment.systemPackages = with pkgs; [
-    sops
-  ];
-
-  sops = {
-    defaultSopsFile = ./secrets.yaml;
-
-    gnupg.home = config.homePath + "/.local/share/gnupg";
-    gnupg.sshKeyPaths = [];
-
-    secrets = {
-      freyanetWg = {};
-    };
-  };
-}
diff --git a/hosts/shinji/wireguard.nix b/hosts/shinji/wireguard.nix
deleted file mode 100644
index 8e42f9d..0000000
--- a/hosts/shinji/wireguard.nix
+++ /dev/null
@@ -1,27 +0,0 @@
-{
-  config,
-  pkgs,
-  ...
-}: {
-  environment.systemPackages = with pkgs; [
-    wireguard-tools
-  ];
-
-  networking.wg-quick.interfaces = {
-    freyanet = {
-      address = ["10.3.0.3/32"];
-      dns = ["10.2.0.1"];
-      privateKeyFile = config.sops.secrets.freyanetWg.path;
-      autostart = false;
-
-      peers = [
-        {
-          publicKey = "x0ykwakpYCvI/pG+nR83lNUyeOE9m54thnX3bvZ+FUk=";
-          allowedIPs = ["10.0.0.0/8"];
-          endpoint = "freya.cat:3000";
-          persistentKeepalive = 25;
-        }
-      ];
-    };
-  };
-}
diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix
index 11b5bcb..8db964c 100644
--- a/hosts/thinkpad/default.nix
+++ b/hosts/thinkpad/default.nix
@@ -3,8 +3,6 @@
 _: {
   imports = [
     ./hardware.nix
-    ./sops.nix
-    ./wireguard.nix
   ];
 
   # options
@@ -35,6 +33,10 @@ _: {
     homestuck.enable = true;
     minecraft.enable = true;
   };
+  vpn = {
+    enable = true;
+    ip = "10.3.0.5/32";
+  };
 
   # modules
   battery.enable = true;
diff --git a/hosts/thinkpad/sops.nix b/hosts/thinkpad/sops.nix
deleted file mode 100644
index 9169bbc..0000000
--- a/hosts/thinkpad/sops.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{
-  config,
-  pkgs,
-  inputs,
-  ...
-}: {
-  imports = [
-    inputs.sops-nix.nixosModules.sops
-  ];
-
-  environment.systemPackages = with pkgs; [
-    sops
-  ];
-
-  sops = {
-    defaultSopsFile = ./secrets.yaml;
-
-    gnupg.home = config.homePath + "/.local/share/gnupg";
-    gnupg.sshKeyPaths = [];
-
-    secrets = {
-      freyanetWg = {};
-    };
-  };
-}
diff --git a/hosts/thinkpad/wireguard.nix b/hosts/thinkpad/wireguard.nix
deleted file mode 100644
index 72eb113..0000000
--- a/hosts/thinkpad/wireguard.nix
+++ /dev/null
@@ -1,27 +0,0 @@
-{
-  config,
-  pkgs,
-  ...
-}: {
-  environment.systemPackages = with pkgs; [
-    wireguard-tools
-  ];
-
-  networking.wg-quick.interfaces = {
-    freyanet = {
-      address = ["10.3.0.5/32"];
-      dns = ["10.2.0.1"];
-      privateKeyFile = config.sops.secrets.freyanetWg.path;
-      autostart = false;
-
-      peers = [
-        {
-          publicKey = "x0ykwakpYCvI/pG+nR83lNUyeOE9m54thnX3bvZ+FUk=";
-          allowedIPs = ["10.0.0.0/8"];
-          endpoint = "freya.cat:3000";
-          persistentKeepalive = 25;
-        }
-      ];
-    };
-  };
-}