|
|
f986936bbd
|
wg-home-refresh: use the sandboxed wireguard-tools
|
2024-08-09 23:52:31 +00:00 |
|
|
|
055ad222e3
|
wg-home-refresh: harden systemd service
|
2024-08-09 23:05:58 +00:00 |
|
|
|
6a7dd31755
|
vpn: fix warning about missing /32 syntax
|
2024-08-02 00:37:58 +00:00 |
|
|
|
3c53bca156
|
vpn: log a message whenever the endpoint is updated
only as i'm actively working in this area. hopefully this log message can be less noisy in the future
|
2024-07-06 03:03:38 +00:00 |
|
|
|
6d66a5dbf8
|
vpn: add a service to auto-refresh wireguard endpoints
|
2024-07-05 20:06:16 +00:00 |
|
|
|
5d80e298b5
|
wg-home: deploy so as to be compatible with sane-vpn (e.g., route *WAN* traffic through it)
|
2024-07-05 18:45:26 +00:00 |
|
|
|
845dba3ca5
|
modules/vpn: fix deprecation warnings
|
2024-06-22 03:35:41 +00:00 |
|
|
|
6a15434cc6
|
net/vpn: remove the bridge devices from my VPN setup
|
2024-05-26 01:18:30 +00:00 |
|
|
|
b035d312aa
|
firejail: purge
|
2024-05-25 10:21:31 +00:00 |
|
|
|
bb569b1668
|
sane-vpn: port away from systemd so that i can use it as an ordinary user (no sudo)
|
2024-02-20 22:21:02 +00:00 |
|
|
|
34524ea3e4
|
modules/vpn: fix the vpn-* systemd services
|
2024-02-20 20:40:46 +00:00 |
|
|
|
992194a1f0
|
programs: achieve network sandboxing without "sane-vpn do"
|
2024-01-21 03:51:12 +00:00 |
|
|
|
bad6a7bfee
|
programs: implement "default vpn" with native nix code instead of sane-vpn
|
2024-01-21 01:04:31 +00:00 |
|
|
|
66d5e204be
|
vpn: enforce "id" restrictions
|
2024-01-21 00:57:46 +00:00 |
|
|
|
ce35330923
|
vpn.nix: factor into a proper module
this will allow for better integration with 'sane.programs'
|
2024-01-21 00:49:34 +00:00 |
|
