nixos/globalprotect: add settings option for service configuration

Jared Baur 2022-06-13 15:29:41 -07:00
parent 0d27868e91
commit f880ea69ba
No known key found for this signature in database
GPG key ID: E4C67A4953D58D3C
2 changed files with 23 additions and 8 deletions


@ -5,7 +5,8 @@ with lib;
let
cfg = config.services.globalprotect;
execStart = if cfg.csdWrapper == null then
execStart =
if cfg.csdWrapper == null then
"${pkgs.globalprotect-openconnect}/bin/gpservice"
else
"${pkgs.globalprotect-openconnect}/bin/gpservice --csd-wrapper=${cfg.csdWrapper}";
@ -15,6 +16,22 @@ in
options.services.globalprotect = {
enable = mkEnableOption "globalprotect";
settings = mkOption {
description = ''
GlobalProtect-openconnect configuration. For more information, visit
<link
xlink:href="https://github.com/yuezk/GlobalProtect-openconnect/wiki/Configuration"
/>.
'';
default = { };
example = {
"vpn1.company.com" = {
openconnect-args = "--script=/path/to/vpnc-script";
};
};
type = types.attrs;
};
csdWrapper = mkOption {
description = ''
A script that will produce a Host Integrity Protection (HIP) report,
@ -29,6 +46,8 @@ in
config = mkIf cfg.enable {
services.dbus.packages = [ pkgs.globalprotect-openconnect ];
environment.etc."gpservice/gp.conf".text = lib.generators.toINI { } cfg.settings;
systemd.services.gpservice = {
description = "GlobalProtect openconnect DBus service";
serviceConfig = {
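Review bot: Everything placed in `settings` ends up in the world-readable Nix store, because `environment.etc."gpservice/gp.conf".text` renders the file at evaluation time, and the option description does not say so. `openconnect-args` is a free-form string handed on to openconnect, so a user could plausibly put a credential or key passphrase there; I would add to the description `Values set here are copied into the world-readable Nix store, so do not put passwords or other secrets in them.` Separately, `type = types.attrs;` neither merges definitions coming from several modules nor checks value types before `lib.generators.toINI` runs, whereas `type = (pkgs.formats.ini { }).type;` would do both. The `config` block and `serviceConfig` continue past the end of the last hunk, so how the service itself is confined is not visible here.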


@ -21,10 +21,6 @@ stdenv.mkDerivation rec {
patchPhase = ''
substituteInPlace GPService/gpservice.h \
--replace /usr/local/bin/openconnect ${openconnect}/bin/openconnect;
substituteInPlace GPClient/settingsdialog.ui \
--replace /etc/gpservice/gp.conf $out/etc/gpservice/gp.conf;
substituteInPlace GPService/gpservice.cpp \
--replace /etc/gpservice/gp.conf $out/etc/gpservice/gp.conf;
substituteInPlace GPService/CMakeLists.txt \
--replace /etc/gpservice $out/etc/gpservice;
'';