summary refs log tree commit diff
diff options
context:
space:
mode:
authorMatt McHenry <github@matt.mchenryfamily.org>2020-12-02 10:45:03 -0500
committerMatt McHenry <github@matt.mchenryfamily.org>2021-06-02 19:22:13 -0400
commite2b7cfedd6cf29db095dd469e4453c9138c87d1f (patch)
treef93775b38da2d66f65dbebe527f5404e753c8748
parent6160d7374f87af59555dc9f507075c471edf0c73 (diff)
downloadnixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.tar
nixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.tar.gz
nixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.tar.bz2
nixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.tar.lz
nixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.tar.xz
nixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.tar.zst
nixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.zip
globalprotect-openconnect: init at 1.2.6
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>

Co-authored-by: sterni <sternenseemann@systemli.org>
Diffstat
-rw-r--r--nixos/modules/module-list.nix1
-rw-r--r--nixos/modules/services/networking/globalprotect-vpn.nix43
-rw-r--r--pkgs/tools/networking/globalprotect-openconnect/default.nix43
-rw-r--r--pkgs/top-level/all-packages.nix2
4 files changed, 89 insertions, 0 deletions
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index aa4e2ccc46b..63aed3e55ba 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -692,6 +692,7 @@
   ./services/networking/gdomap.nix
   ./services/networking/ghostunnel.nix
   ./services/networking/git-daemon.nix
+  ./services/networking/globalprotect-vpn.nix
   ./services/networking/gnunet.nix
   ./services/networking/go-neb.nix
   ./services/networking/go-shadowsocks2.nix
diff --git a/nixos/modules/services/networking/globalprotect-vpn.nix b/nixos/modules/services/networking/globalprotect-vpn.nix
new file mode 100644
index 00000000000..80183f55d32
--- /dev/null
+++ b/nixos/modules/services/networking/globalprotect-vpn.nix
@@ -0,0 +1,43 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.services.globalprotect;
+
+  execStart = if cfg.csdWrapper == null then
+      "${pkgs.globalprotect-openconnect}/bin/gpservice"
+    else
+      "${pkgs.globalprotect-openconnect}/bin/gpservice --csd-wrapper=${cfg.csdWrapper}";
+in
+
+{
+  options.services.globalprotect = {
+    enable = mkEnableOption "globalprotect";
+
+    csdWrapper = mkOption {
+      description = ''
+        A script that will produce a Host Integrity Protection (HIP) report,
+        as described at <link xlink:href="https://www.infradead.org/openconnect/hip.html" />
+      '';
+      default = null;
+      example = literalExample "\${pkgs.openconnect}/libexec/openconnect/hipreport.sh";
+      type = types.nullOr types.path;
+    };
+  };
+
+  config = {
+    services.dbus.packages = [ pkgs.globalprotect-openconnect ];
+
+    systemd.services.gpservice = {
+      description = "GlobalProtect openconnect DBus service";
+      serviceConfig = {
+        Type="dbus";
+        BusName="com.yuezk.qt.GPService";
+        ExecStart=execStart;
+      };
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network.target" ];
+    };
+  };
+}
diff --git a/pkgs/tools/networking/globalprotect-openconnect/default.nix b/pkgs/tools/networking/globalprotect-openconnect/default.nix
new file mode 100644
index 00000000000..d61668f7b65
--- /dev/null
+++ b/pkgs/tools/networking/globalprotect-openconnect/default.nix
@@ -0,0 +1,43 @@
+{ stdenv, lib, fetchFromGitHub
+, qmake, qtwebsockets, qtwebengine, wrapQtAppsHook, openconnect
+}:
+
+stdenv.mkDerivation rec {
+  pname = "globalprotect-openconnect";
+  version = "1.2.6";
+
+  src = fetchFromGitHub {
+    owner = "yuezk";
+    repo = "GlobalProtect-openconnect";
+    rev = "c14a6ad1d2b62f8d297bc4cfbcb1dcea4d99112f";
+    fetchSubmodules = true;
+    sha256 = "1zkc3vk1j31n2zs5ammzv23dah7x163gfrzz222ynbkvsccrhzrk";
+  };
+
+  nativeBuildInputs = [ qmake wrapQtAppsHook ];
+
+  buildInputs = [ openconnect qtwebsockets qtwebengine ];
+
+  patchPhase = ''
+    for f in GPClient/GPClient.pro \
+      GPClient/com.yuezk.qt.gpclient.desktop \
+      GPService/GPService.pro \
+      GPService/dbus/com.yuezk.qt.GPService.service \
+      GPService/systemd/gpservice.service; do
+        substituteInPlace $f \
+          --replace /usr $out \
+          --replace /etc $out/lib;
+    done;
+
+    substituteInPlace GPService/gpservice.h \
+      --replace /usr/local/bin/openconnect ${openconnect}/bin/openconnect;
+  '';
+
+  meta = with lib; {
+    description = "GlobalProtect VPN client (GUI) for Linux based on OpenConnect that supports SAML auth mode";
+    homepage = "https://github.com/yuezk/GlobalProtect-openconnect";
+    license = licenses.gpl3Only;
+    maintainers = [ maintainers.jerith666 ];
+    platforms = platforms.linux;
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 10a416ae5b7..3fb19879563 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -9485,6 +9485,8 @@ in
     openssl = null;
   };
 
+  globalprotect-openconnect = libsForQt5.callPackage ../tools/networking/globalprotect-openconnect { };
+
   ding-libs = callPackage ../tools/misc/ding-libs { };
 
   sssd = callPackage ../os-specific/linux/sssd {
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-13 16:15:46 +0000