From d7b18d21365d1cac3a271b9618d99b740b2f52cb Mon Sep 17 00:00:00 2001
From: Adithya Nair <adtya@adtya.xyz>
Date: Fri, 25 Oct 2024 23:01:15 +0530
Subject: [PATCH] layne: setup VPN

---
 hosts/layne/network.nix | 11 +++++++++++
 secrets.yaml            |  8 +++++---
 2 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/hosts/layne/network.nix b/hosts/layne/network.nix
index b4479b6..8746f6f 100644
--- a/hosts/layne/network.nix
+++ b/hosts/layne/network.nix
@@ -16,6 +16,11 @@
       owner = config.users.users.root.name;
       group = config.users.users.root.group;
     };
+    "proton/layne" = {
+      mode = "400";
+      owner = config.users.users.root.name;
+      group = config.users.users.root.group;
+    };
   };
 
   nodeconfig.wireguard = {
@@ -27,4 +32,10 @@
       "10.10.10.14/24"
     ];
   };
+
+  networking.wg-quick = {
+    interfaces = {
+      ProtonVPN.configFile = config.sops.secrets."proton/layne".path;
+    };
+  };
 }
diff --git a/secrets.yaml b/secrets.yaml
index a17e9e7..b956c7d 100644
--- a/secrets.yaml
+++ b/secrets.yaml
@@ -26,6 +26,8 @@ matrix:
     syncv3_secret: ENC[AES256_GCM,data:05lLSSolNO55VjJQL3nLNGo2jiZUZht2FKNvc2O2dCccSfglrwm6J5Guzns9ZlT8X9j74lvlWlbM6Q==,iv:1zARbgZ9GJV1UMJ+WjFPNYPqhRjGVj4iLYMpfsRjrko=,tag:fQ9Vg1xD1k2eYlEbtF6q8A==,type:str]
 caddy:
     env_file: ENC[AES256_GCM,data:FPMNS356/fZ9DFgu0/lH5S2+zKBkeo5VAYFK9fFgxNRm2IRWQg79yfW8xTJuAZw5AZrEiNvpfU0eDO+q1fLEdJccINHatKjTD/gMUCb3oAA7u6b2,iv:sBmSTTtvRtOtoBSEMzzhtnSFoX9Va85g6K2bVxB4Kak=,tag:pv7/pwG3M2qrnrMMJ9eePw==,type:str]
+proton:
+    layne: ENC[AES256_GCM,data:7bJBG+GWo5XycWR3MiJJItJjdDXxmri+tdbOxc9DymkViyixJ6+zwrabZvoVtEwzJY5S18b5RgyAWlexynlIXmoywavbieHh9RSRNzXStQpZGxCzvLUy2gJJXgA6URHlcFQxQ52A7z1ffB8EfXO6MGnK8MhMTkN8n66+Tj+gLhVVGmypYfgXcQ1CCNDVU9iW9KYJm5rOVTu+rdijQZi4pXQXbwR3skWgrxCy/AaA56uBipHh4yL6w/Zvm6C4j4MUR0Ql7ugUNdX2yx+oEQmrtDQT8zbP0xhhtS4r3pTBJTp1kA==,iv:c/ytTNloIt7Mo/wpV7Y9W0xQStwCQk5/uhH2CArRu1c=,tag:UcYM2zpXScYDtzjCMmJGow==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -95,8 +97,8 @@ sops:
             YzdpTitkMHh6VUFtV2FodVF6OWJkTU0KBjC+esgHZ8hTWXwZ+cy4++jLP+gsruHM
             fmRDhvQu0MNHkjQ8q4VmwRVl10uc8CyTDFTuyDoAhvmnzXHtrg1wpA==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-09-14T14:04:05Z"
-    mac: ENC[AES256_GCM,data:Vw54t+H/aHL/eZNQfqU286frv4Tssi6SBJULel3FThOrvmdRDAW5I/yCrnveW08cxcE6BKaHjIhi5OkZYPeEMJdJLsZwcaXLzX1IKKk2wKlB+SlzwHAoMYmawaeIlrHBRbskvTClN9K6G69EH7p5ZBBrC+OQHHKCLOMvEalC9Js=,iv:MXxG8gVchbNxUmIXlDRIcUsrZex9Wj8Z7W24BErHwmw=,tag:Lo65RimG0l/B8a1AEQnaKA==,type:str]
+    lastmodified: "2024-10-25T07:58:00Z"
+    mac: ENC[AES256_GCM,data:ewe54xN+92M6NiUiII/sfZ9YbIZ6qr+oLjOKCwJTRLUH5LKWKklHq/Syk6e+VegE9sdQDLSU0XQBeEfmmLEA5QCpVNjzKC+0X5ERawUmllG95O23W5lWzUddCO+XsGRfveZkj8654xLdgWiQd4fh3DOhusjpzYzemlJDYmtSTQE=,iv:SYeXhdDyH4Le9trSOcz4Pg0jPKTHJVkFpMN0+Q6RL9E=,tag:Fnq582qwou0JbwZhb4Ih+g==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
-    version: 3.9.0
+    version: 3.9.1