Remove openvpn

hosts/Legion/configuration.nix

@@ -1,14 +1,7 @@
 # Edit this configuration file to define what should be installed on
 # your system.  Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running `nixos-help`).
-{ lib, ... }:
+{ lib, ... }: {
-let
-  # generate via openvpn --genkey --secret openvpn-laptop.key
-  client-key = "/root/openvpn.key";
-  domain = "vpn.xenia.me.uk";
-  vpn-dev = "tun0";
-  port = 1194;
-in {
   users.mutableUsers = false;
   system.autoUpgrade = {
     allowReboot = lib.mkForce true;
@@ -17,66 +10,4 @@ in {
       upper = "05:00";
     };
   };
-  networking = {
-    nat = {
-      enable = true;
-      externalInterface = "enp42s0";
-      internalInterfaces = [ vpn-dev ];
-    };
-    firewall = {
-      trustedInterfaces = [ vpn-dev ];
-      allowedUDPPorts = [ port ];
-    };
-  };
-  services.openvpn = {
-    restartAfterSleep = true;
-    servers.xenia.config = ''
-      dev ${vpn-dev}
-      proto udp
-      ifconfig 10.8.0.1 10.8.0.2
-      secret ${client-key}
-      port ${toString port}
-
-      cipher AES-256-CBC
-      auth-nocache
-
-      comp-lzo
-      keepalive 10 60
-      ping-timer-rem
-      persist-tun
-      persist-key
-    '';
-  };
-
-  environment.etc."openvpn/client.ovpn" = {
-    text = ''
-      dev tun
-      remote "${domain}"
-      ifconfig 10.8.0.2 10.8.0.1
-      port ${toString port}
-      redirect-gateway def1
-
-      cipher AES-256-CBC
-      auth-nocache
-
-      comp-lzo
-      keepalive 10 60
-      resolv-retry infinite
-      nobind
-      persist-key
-      persist-tun
-      secret [inline]
-
-    '';
-    mode = "600";
-  };
-  system.activationScripts.openvpn-addkey = ''
-    f="/etc/openvpn/client.ovpn"
-    if ! grep -q '<secret>' $f; then
-      echo "appending secret key"
-      echo "<secret>" >> $f
-      cat ${client-key} >> $f
-      echo "</secret>" >> $f
-    fi
-  '';
 }