Remove mullvad vpn

flake.nix

@@ -126,14 +126,12 @@
             ./system/monolith-gitlab-runner.nix
             ./system/nix-serve.nix
             ./system/steam.nix
-            # { services.vpn.enable = true; }
           ] ++ common_modules;
         };
         rainbow = lib.nixosSystem {
           inherit system specialArgs;
           modules = [
             ./hosts/rainbow.nix
-            { services.vpn.enable = true; }
             ./system/rainbow-gitlab-runner.nix
           ] ++ common_modules;
         };

system/configuration.nix

@@ -7,7 +7,6 @@
     ./cachix.nix
     ./media-packages.nix
     ./boot.nix
-    ./vpn.nix
     ./thunar.nix
     ./nix.nix
   ];

system/vpn.nix

@@ -1,93 +0,0 @@
-{ pkgs, lib, config, ... }:
-let
-  cfg = config.services.vpn;
-in
-{
-  options.services.vpn = {
-    enable = lib.mkEnableOption "Whether vpn should be enabled";
-  };
-
-  config = lib.mkIf cfg.enable {
-    networking.firewall.enable = false;
-
-    services.mullvad-vpn.enable = true;
-    services.mullvad-vpn.package = pkgs.mullvad-vpn;
-
-    networking.nftables = {
-      enable = true;
-      ruleset = ''
-        table inet allowAll {
-            chain allowIncoming {
-                type filter hook input priority -100; policy accept;
-                tcp dport 0-10999 ct mark set 0x00000f41 meta mark set 0x6d6f6c65
-            }
-            chain allowOutgoing {
-                type route hook output priority -100; policy accept;
-                tcp sport 0-10999 ct mark set 0x00000f41 meta mark set 0x6d6f6c65
-            }
-        }
-
-        ######################################
-        #       _            _               #
-        #    __| | ___   ___| | _____ _ __   #
-        #   / _` |/ _ \ / __| |/ / _ \ '__|  #
-        #  | (_| | (_) | (__|   <  __/ |     #
-        #   \__,_|\___/ \___|_|\_\___|_|     #
-        #                                    #
-        ######################################
-
-        # This gets sent to the vpn so it's safe
-
-        table ip nat {
-            chain DOCKER {
-                iifname "docker0" counter packets 0 bytes 0 return
-            }
-
-            chain POSTROUTING {
-                type nat hook postrouting priority srcnat; policy accept;
-                oifname != "docker0" ip saddr 172.17.0.0/16 counter packets 0 bytes 0 masquerade
-            }
-
-            chain PREROUTING {
-                type nat hook prerouting priority dstnat; policy accept;
-                fib daddr type local counter packets 5 bytes 252 jump DOCKER
-            }
-
-            chain OUTPUT {
-                type nat hook output priority -100; policy accept;
-                ip daddr != 127.0.0.0/8 fib daddr type local counter packets 0 bytes 0 jump DOCKER
-            }
-        }
-        table ip filter {
-            chain DOCKER {
-            }
-
-            chain DOCKER-ISOLATION-STAGE-1 {
-                iifname "docker0" oifname != "docker0" counter packets 0 bytes 0 jump DOCKER-ISOLATION-STAGE-2
-                counter packets 0 bytes 0 return
-            }
-
-            chain DOCKER-ISOLATION-STAGE-2 {
-                oifname "docker0" counter packets 0 bytes 0 drop
-                counter packets 0 bytes 0 return
-            }
-
-            chain FORWARD {
-                type filter hook forward priority filter; policy accept;
-                counter packets 0 bytes 0 jump DOCKER-USER
-                counter packets 0 bytes 0 jump DOCKER-ISOLATION-STAGE-1
-                oifname "docker0" ct state related,established counter packets 0 bytes 0 accept
-                oifname "docker0" counter packets 0 bytes 0 jump DOCKER
-                iifname "docker0" oifname != "docker0" counter packets 0 bytes 0 accept
-                iifname "docker0" oifname "docker0" counter packets 0 bytes 0 accept
-            }
-
-            chain DOCKER-USER {
-                counter packets 0 bytes 0 return
-            }
-        }
-
-      '';
-    };
-  };
-}