54 lines
1.3 KiB
Nix
54 lines
1.3 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
|
|
let
|
|
# Optional: create a runtime directory for pia-manager to store configs
|
|
piaDir = "${config.home.homeDirectory}/.config/pia";
|
|
cfg = config.homeModules.vpnpia;
|
|
in
|
|
|
|
lib.mkIf cfg.enable {
|
|
home.packages = with pkgs; [
|
|
openvpn
|
|
#pia-manager
|
|
wireguard-tools
|
|
jq
|
|
systemd
|
|
];
|
|
|
|
home.file.".config/pia/config.json".text = builtins.toJSON {
|
|
token = "REPLACE_WITH_YOUR_PIA_TOKEN";
|
|
region = "DE Frankfurt"; # Adjust to your preferred location
|
|
protocol = "wireguard"; # or "openvpn_udp"/"openvpn_tcp"
|
|
dns = true;
|
|
port_forward = false;
|
|
};
|
|
|
|
systemd.user.services.pia-vpn = {
|
|
Unit = {
|
|
Description = "Private Internet Access VPN";
|
|
After = [ "network.target" ];
|
|
};
|
|
|
|
Service = {
|
|
Type = "simple";
|
|
#ExecStart = "${pkgs.pia-manager}/bin/pia-manager up --config ${piaDir}/config.json";
|
|
#ExecStop = "${pkgs.pia-manager}/bin/pia-manager down";
|
|
Restart = "on-failure";
|
|
};
|
|
|
|
Install = {
|
|
WantedBy = [ "default.target" ];
|
|
};
|
|
};
|
|
|
|
# Enable service on login
|
|
systemd.user.startServices = true;
|
|
|
|
# Optional: add a shell alias for manual control
|
|
programs.zsh.shellAliases = {
|
|
vpn-up = "systemctl --user start pia-vpn";
|
|
vpn-down = "systemctl --user stop pia-vpn";
|
|
vpn-status = "systemctl --user status pia-vpn";
|
|
};
|
|
}
|