diff options
author | Matt McHenry <github@matt.mchenryfamily.org> | 2020-12-02 10:45:03 -0500 |
---|---|---|
committer | Matt McHenry <github@matt.mchenryfamily.org> | 2021-06-02 19:22:13 -0400 |
commit | e2b7cfedd6cf29db095dd469e4453c9138c87d1f (patch) | |
tree | f93775b38da2d66f65dbebe527f5404e753c8748 | |
parent | 6160d7374f87af59555dc9f507075c471edf0c73 (diff) | |
download | nixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.tar nixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.tar.gz nixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.tar.bz2 nixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.tar.lz nixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.tar.xz nixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.tar.zst nixpkgs-e2b7cfedd6cf29db095dd469e4453c9138c87d1f.zip |
globalprotect-openconnect: init at 1.2.6
Co-authored-by: Sandro <sandro.jaeckel@gmail.com> Co-authored-by: sterni <sternenseemann@systemli.org>
-rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/networking/globalprotect-vpn.nix | 43 | ||||
-rw-r--r-- | pkgs/tools/networking/globalprotect-openconnect/default.nix | 43 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 2 |
4 files changed, 89 insertions, 0 deletions
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index aa4e2ccc46b..63aed3e55ba 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -692,6 +692,7 @@ ./services/networking/gdomap.nix ./services/networking/ghostunnel.nix ./services/networking/git-daemon.nix + ./services/networking/globalprotect-vpn.nix ./services/networking/gnunet.nix ./services/networking/go-neb.nix ./services/networking/go-shadowsocks2.nix diff --git a/nixos/modules/services/networking/globalprotect-vpn.nix b/nixos/modules/services/networking/globalprotect-vpn.nix new file mode 100644 index 00000000000..80183f55d32 --- /dev/null +++ b/nixos/modules/services/networking/globalprotect-vpn.nix @@ -0,0 +1,43 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.globalprotect; + + execStart = if cfg.csdWrapper == null then + "${pkgs.globalprotect-openconnect}/bin/gpservice" + else + "${pkgs.globalprotect-openconnect}/bin/gpservice --csd-wrapper=${cfg.csdWrapper}"; +in + +{ + options.services.globalprotect = { + enable = mkEnableOption "globalprotect"; + + csdWrapper = mkOption { + description = '' + A script that will produce a Host Integrity Protection (HIP) report, + as described at <link xlink:href="https://www.infradead.org/openconnect/hip.html" /> + ''; + default = null; + example = literalExample "\${pkgs.openconnect}/libexec/openconnect/hipreport.sh"; + type = types.nullOr types.path; + }; + }; + + config = { + services.dbus.packages = [ pkgs.globalprotect-openconnect ]; + + systemd.services.gpservice = { + description = "GlobalProtect openconnect DBus service"; + serviceConfig = { + Type="dbus"; + BusName="com.yuezk.qt.GPService"; + ExecStart=execStart; + }; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + }; + }; +} diff --git a/pkgs/tools/networking/globalprotect-openconnect/default.nix b/pkgs/tools/networking/globalprotect-openconnect/default.nix new file mode 100644 index 00000000000..d61668f7b65 --- /dev/null +++ b/pkgs/tools/networking/globalprotect-openconnect/default.nix @@ -0,0 +1,43 @@ +{ stdenv, lib, fetchFromGitHub +, qmake, qtwebsockets, qtwebengine, wrapQtAppsHook, openconnect +}: + +stdenv.mkDerivation rec { + pname = "globalprotect-openconnect"; + version = "1.2.6"; + + src = fetchFromGitHub { + owner = "yuezk"; + repo = "GlobalProtect-openconnect"; + rev = "c14a6ad1d2b62f8d297bc4cfbcb1dcea4d99112f"; + fetchSubmodules = true; + sha256 = "1zkc3vk1j31n2zs5ammzv23dah7x163gfrzz222ynbkvsccrhzrk"; + }; + + nativeBuildInputs = [ qmake wrapQtAppsHook ]; + + buildInputs = [ openconnect qtwebsockets qtwebengine ]; + + patchPhase = '' + for f in GPClient/GPClient.pro \ + GPClient/com.yuezk.qt.gpclient.desktop \ + GPService/GPService.pro \ + GPService/dbus/com.yuezk.qt.GPService.service \ + GPService/systemd/gpservice.service; do + substituteInPlace $f \ + --replace /usr $out \ + --replace /etc $out/lib; + done; + + substituteInPlace GPService/gpservice.h \ + --replace /usr/local/bin/openconnect ${openconnect}/bin/openconnect; + ''; + + meta = with lib; { + description = "GlobalProtect VPN client (GUI) for Linux based on OpenConnect that supports SAML auth mode"; + homepage = "https://github.com/yuezk/GlobalProtect-openconnect"; + license = licenses.gpl3Only; + maintainers = [ maintainers.jerith666 ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 10a416ae5b7..3fb19879563 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -9485,6 +9485,8 @@ in openssl = null; }; + globalprotect-openconnect = libsForQt5.callPackage ../tools/networking/globalprotect-openconnect { }; + ding-libs = callPackage ../tools/misc/ding-libs { }; sssd = callPackage ../os-specific/linux/sssd { |