fix(tazjin/tverskoy): Downgrade strongswan to 5.9.4

Comments contain all the relevant info.

Change-Id: I6d4a715889b562dc79148314092f698ceefcac88
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5221
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>

users/tazjin/nixos/tverskoy/default.nix

@@ -25,6 +25,12 @@ lib.fix (self: {
 
   tvl.cache.enable = true;
 
+  # Work around strongswan 5.9.4 being incompatible with servers not
+  # patched against some CVE. I need this for work ..
+  nixpkgs.overlays = [
+    depot.third_party.overlays.strongswan-workaround
+  ];
+
   boot = rec {
     initrd.availableKernelModules = [ "nvme" "ehci_pci" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
     initrd.kernelModules = [ ];