diff options
author | Christian Kögler <ck3d@gmx.de> | 2022-08-15 14:43:13 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-08-15 14:43:13 +0200 |
commit | 0884cb0ba24297c6bda20e684363e6c9aab82a90 (patch) | |
tree | 495232b14de3249fc124a3daceeeddd0b3fa1a12 | |
parent | e76b7b68850084e6687d0d0066691add3668c61d (diff) | |
parent | f880ea69baef7e6b7a639fab64ebc1fdde15962d (diff) | |
download | nixpkgs-0884cb0ba24297c6bda20e684363e6c9aab82a90.tar nixpkgs-0884cb0ba24297c6bda20e684363e6c9aab82a90.tar.gz nixpkgs-0884cb0ba24297c6bda20e684363e6c9aab82a90.tar.bz2 nixpkgs-0884cb0ba24297c6bda20e684363e6c9aab82a90.tar.lz nixpkgs-0884cb0ba24297c6bda20e684363e6c9aab82a90.tar.xz nixpkgs-0884cb0ba24297c6bda20e684363e6c9aab82a90.tar.zst nixpkgs-0884cb0ba24297c6bda20e684363e6c9aab82a90.zip |
Merge pull request #177577 from jmbaur/globalprotect-openconnect_config
nixos/globalprotect: add settings option for service configuration
-rw-r--r-- | nixos/modules/services/networking/globalprotect-vpn.nix | 27 | ||||
-rw-r--r-- | pkgs/tools/networking/globalprotect-openconnect/default.nix | 4 |
2 files changed, 23 insertions, 8 deletions
diff --git a/nixos/modules/services/networking/globalprotect-vpn.nix b/nixos/modules/services/networking/globalprotect-vpn.nix index 19d6e8bfac6..bb60916244f 100644 --- a/nixos/modules/services/networking/globalprotect-vpn.nix +++ b/nixos/modules/services/networking/globalprotect-vpn.nix @@ -5,7 +5,8 @@ with lib; let cfg = config.services.globalprotect; - execStart = if cfg.csdWrapper == null then + execStart = + if cfg.csdWrapper == null then "${pkgs.globalprotect-openconnect}/bin/gpservice" else "${pkgs.globalprotect-openconnect}/bin/gpservice --csd-wrapper=${cfg.csdWrapper}"; @@ -15,6 +16,22 @@ in options.services.globalprotect = { enable = mkEnableOption "globalprotect"; + settings = mkOption { + description = '' + GlobalProtect-openconnect configuration. For more information, visit + <link + xlink:href="https://github.com/yuezk/GlobalProtect-openconnect/wiki/Configuration" + />. + ''; + default = { }; + example = { + "vpn1.company.com" = { + openconnect-args = "--script=/path/to/vpnc-script"; + }; + }; + type = types.attrs; + }; + csdWrapper = mkOption { description = lib.mdDoc '' A script that will produce a Host Integrity Protection (HIP) report, @@ -29,12 +46,14 @@ in config = mkIf cfg.enable { services.dbus.packages = [ pkgs.globalprotect-openconnect ]; + environment.etc."gpservice/gp.conf".text = lib.generators.toINI { } cfg.settings; + systemd.services.gpservice = { description = "GlobalProtect openconnect DBus service"; serviceConfig = { - Type="dbus"; - BusName="com.yuezk.qt.GPService"; - ExecStart=execStart; + Type = "dbus"; + BusName = "com.yuezk.qt.GPService"; + ExecStart = execStart; }; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; diff --git a/pkgs/tools/networking/globalprotect-openconnect/default.nix b/pkgs/tools/networking/globalprotect-openconnect/default.nix index e35abc33ca9..6558d72ecd9 100644 --- a/pkgs/tools/networking/globalprotect-openconnect/default.nix +++ b/pkgs/tools/networking/globalprotect-openconnect/default.nix @@ -21,10 +21,6 @@ stdenv.mkDerivation rec { patchPhase = '' substituteInPlace GPService/gpservice.h \ --replace /usr/local/bin/openconnect ${openconnect}/bin/openconnect; - substituteInPlace GPClient/settingsdialog.ui \ - --replace /etc/gpservice/gp.conf $out/etc/gpservice/gp.conf; - substituteInPlace GPService/gpservice.cpp \ - --replace /etc/gpservice/gp.conf $out/etc/gpservice/gp.conf; substituteInPlace GPService/CMakeLists.txt \ --replace /etc/gpservice $out/etc/gpservice; ''; |