tuda-vpn (not working?)

2026-05-13 16:08:13 +02:00
parent 674c83d3ae
commit bf074967e5
1 changed files with 34 additions and 12 deletions
--- a/system-modules/tuda.nix
+++ b/system-modules/tuda.nix
@@ -13,18 +13,40 @@
    openconnect
    networkmanager-openconnect
  ];
-  networking.openconnect = {
-    package = pkgs.openconnect;
-    interfaces = {
-      openconnect0 = {
-        autoStart = false;
-        certificate = "/home/nx2/tuda-rootcert.crt";
-        # extraOptions = { compression = "stateless"; no-dtls = true; no-http-keepalive = true; };
+  networking.networkmanager = {
+    plugins = with pkgs; [ networkmanager-openconnect ];
+    ensureProfiles.profiles = {
+      "tuda-vpn" = {
+        connection = {
+          autoconnect = "false";
+          id = "tuda-vpn";
+          type = "vpn";
+        };
+        ipv4.method = "auto";
+        ipv6 = {
+          addr-gen-mode = "stable-privacy";
+          method = "auto";
+        };
+        vpn = {
+          authtype = "password";
+          autoconnect-flags = "0";
+          certsigs-flags = "0";
+          cookie-flags = "2";
+          disable_udp = "no";
+          enable_csd_trojan = "no";
          gateway = "vpn.hrz.tu-darmstadt.de";
-        # passwordFile = "/var/lib/secrets/openconnect-passwd";
-        # privateKey = "/var/lib/secrets/openconnect_private_key.pem";
+          gateway-flags = "2";
+          gwcert-flags = "2";
+          lasthost-flags = "0";
+          pem_passphrase_fsid = "no";
+          prevent_invalid_cert = "no";
          protocol = "anyconnect";
-        user = secrets.email.tuda.tuid;
+          resolve-flags = "2";
+          service-type = "org.freedesktop.NetworkManager.openconnect";
+          stoken_source = "disabled";
+          xmlconfig-flags = "0";
+          password-flags = 0;
+        };
      };
    };
  };