Openvpn instead

keys/secrets.nix

@@ -15,5 +15,6 @@ in
   "wg-ren.priv".publicKeys = macbook++master++ren;
   "ren.priv".publicKeys = master ++ ren;
   "wg-scribe".publicKeys = master ++ ren ++ macbook;
+  "scribe".publicKeys = master ++ ren ++ macbook;
   "smbshare".publicKeys = master ++ macbook ++ ren ++ selene;
 }

modules/servermodules/arr/arr.nix

@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ pkgs, config, ... }:
 let
   mediaGroup = "media";
 in
@@ -15,12 +15,18 @@ in
     ];
   };
 
-  age.secrets.wg-scribe = {
+  age.secrets.vpn = {
-    file = ../../../keys/wg-scribe;
+    file = ../../../keys/scribe;
-    path = "/etc/wireguard/wg-scribe.conf";
+    owner = "ren";
   };
 
-  networking.firewall.trustedInterfaces = [ "wg-selene" "wg-scribe" ];
+  services.openvpn.servers = {
+    officeVPN = {
+      config = ''config ${config.age.secrets.vpn.path} '';
+    };
+  };
+
+  networking.firewall.trustedInterfaces = [ "wg-selene" ];
   networking.firewall.allowedUDPPorts = [ 23379 ];
   networking.firewall.allowedTCPPorts = [ 23379 ];