cleanup

2026-03-18 21:15:20 -05:00
parent 5466c59dde
commit c1028fc0f0
5 changed files with 27 additions and 478 deletions
--- a/systems/x86_64-linux/jallen-nas/vpn.nix
+++ b/systems/x86_64-linux/jallen-nas/vpn.nix
@@ -3,13 +3,6 @@
  lib,
  ...
 }:
-# let
-#   configFile = pkgs.writeText "openvpn-config-us.protonvpn.udp" ''
-#     errors-to-stderr
-#     ${config.services.openvpn.servers."us.protonvpn.udp".config}
-#     auth-user-pass ${config.services.openvpn.servers."us.protonvpn.udp".authUserPass}
-#   '';
-# in
 {
  boot.kernel.sysctl."net.ipv4.ip_forward" = true;
  sops = {
@@ -31,80 +24,6 @@
    };
  };

-  # networking.nftables = {
-  #   enable = true;
-  #   ruleset = ''
-  #     table ip nat {
-  #       chain postrouting {
-  #         type nat hook postrouting priority 100;
-  #         oifname "enp197s0" ip saddr 10.200.0.0/30 masquerade
-  #       }
-  #     }
-  #   '';
-  # };
-
-  # systemd.services = {
-  #   vpn-netns =
-  #   let
-  #     ip = "${pkgs.iproute2}/bin/ip";
-  #   in  {
-  #     description = "Create VPN network namespace";
-  #     wantedBy = [ "multi-user.target" ];
-  #     before = [ "openvpn-us.protonvpn.udp.service" ];
-
-  #     serviceConfig = {
-  #       Type = "oneshot";
-  #       RemainAfterExit = true;
-
-  #       ExecStart = pkgs.writeShellScript "vpn-netns-up" ''
-  #         set -euxo pipefail
-
-  #         # Ensure namespace exists
-  #         ${ip} netns add vpn 2>/dev/null || true
-
-  #         # Clean up any previous veth (deleting one end deletes the peer too)
-  #         ${ip} link del veth-host 2>/dev/null || true
-
-  #         # Create veth pair
-  #         ${ip} link add veth-host type veth peer name veth-vpn
-
-  #         # Move peer into namespace
-  #         ${ip} link set veth-vpn netns vpn
-
-  #         # Host side
-  #         ${ip} addr add 10.200.0.1/30 dev veth-host 2>/dev/null || true
-  #         ${ip} link set veth-host up
-
-  #         # Namespace side
-  #         ${ip} -n vpn addr add 10.200.0.2/30 dev veth-vpn 2>/dev/null || true
-  #         ${ip} -n vpn link set veth-vpn up
-  #         ${ip} -n vpn link set lo up
-
-  #         # Default route in namespace via host
-  #         ${ip} -n vpn route replace default via 10.200.0.1
-
-  #         ${ip} -n vpn route replace 10.0.1.0/24 via 10.200.0.1 dev veth-vpn
-  #       '';
-  #       ExecStop = pkgs.writeShellScript "vpn-netns-down" ''
-  #         set -eux
-  #         ${ip} link del veth-host 2>/dev/null || true
-  #       '';
-  #     };
-  #   };
-
-  #   "openvpn-us.protonvpn.udp" = {
-  #     after = [ "network-online.target" "vpn-netns.service" ];
-  #     wants = [ "network-online.target" ];
-  #     serviceConfig = {
-  #       ExecStart = lib.mkOverride 90 ''
-  #         ${pkgs.iproute2}/bin/ip netns exec vpn \
-  #           ${pkgs.openvpn}/sbin/openvpn --config ${configFile}
-  #       '';
-  #     };
-  #   };
-  # };
-
-  # Services configs
  services = {
    openvpn = {
      servers = {