bendlas
commented
11 months ago Is it too much effort to try to use this without installing Nix first?
I didn't change anything that would add a requirement to Nix (or other dependencies) and I'd expect it to work if you plug it into an existing openvpn build. I added the Nix build for convenience.
If I build it with Nix in one machine, will I need to install Nix on other machines I want to use it or can I distribute a binary or something?
The good thing with a Nix closure is that it's fully self-contained up to the kernel.
It's not a supported method, but I have successfully deployed a complex Nix project to an Arch machine in the past, by doing something like rsync -a $(nix-store -qR ./result) root@machine.
A more "regular" way of doing this would be to e.g. copy to ~/.local/share/nix and then use a very light-weight container -- like bubblewrap, or even raw unshare(2) -- to bind-mount that to /nix. I think I've even seen a pre-made solution for this at some point, but don't know how to google it right now ...
I'd like to use this as a replacement of AWS VPN Client in my company but I can't afford to install Nix on every machine.
That's what I've created this for. We're deploying this in devenv, so the Nix point is moot, but as noted that shouldn't be more of an issue than any other custom openvpn build ...
Is it too much effort to try to use this without installing Nix first?
If I build it with Nix in one machine, will I need to install Nix on other machines I want to use it or can I distribute a binary or something?
I'd like to use this as a replacement of AWS VPN Client in my company but I can't afford to install Nix on every machine.