diff options
author | Jared Baur <jaredbaur@fastmail.com> | 2022-06-13 15:29:41 -0700 |
---|---|---|
committer | Jared Baur <jaredbaur@fastmail.com> | 2022-06-13 15:29:41 -0700 |
commit | f880ea69baef7e6b7a639fab64ebc1fdde15962d (patch) | |
tree | 27653607edc72f441db43250cf6f945a5b31960f | |
parent | 0d27868e91f821111be5cacfdc3166e932cfd429 (diff) | |
download | nixpkgs-f880ea69baef7e6b7a639fab64ebc1fdde15962d.tar nixpkgs-f880ea69baef7e6b7a639fab64ebc1fdde15962d.tar.gz nixpkgs-f880ea69baef7e6b7a639fab64ebc1fdde15962d.tar.bz2 nixpkgs-f880ea69baef7e6b7a639fab64ebc1fdde15962d.tar.lz nixpkgs-f880ea69baef7e6b7a639fab64ebc1fdde15962d.tar.xz nixpkgs-f880ea69baef7e6b7a639fab64ebc1fdde15962d.tar.zst nixpkgs-f880ea69baef7e6b7a639fab64ebc1fdde15962d.zip |
nixos/globalprotect: add settings option for service configuration
-rw-r--r-- | nixos/modules/services/networking/globalprotect-vpn.nix | 27 | ||||
-rw-r--r-- | pkgs/tools/networking/globalprotect-openconnect/default.nix | 4 |
2 files changed, 23 insertions, 8 deletions
diff --git a/nixos/modules/services/networking/globalprotect-vpn.nix b/nixos/modules/services/networking/globalprotect-vpn.nix index 976fdf2b962..2ae8495f018 100644 --- a/nixos/modules/services/networking/globalprotect-vpn.nix +++ b/nixos/modules/services/networking/globalprotect-vpn.nix @@ -5,7 +5,8 @@ with lib; let cfg = config.services.globalprotect; - execStart = if cfg.csdWrapper == null then + execStart = + if cfg.csdWrapper == null then "${pkgs.globalprotect-openconnect}/bin/gpservice" else "${pkgs.globalprotect-openconnect}/bin/gpservice --csd-wrapper=${cfg.csdWrapper}"; @@ -15,6 +16,22 @@ in options.services.globalprotect = { enable = mkEnableOption "globalprotect"; + settings = mkOption { + description = '' + GlobalProtect-openconnect configuration. For more information, visit + <link + xlink:href="https://github.com/yuezk/GlobalProtect-openconnect/wiki/Configuration" + />. + ''; + default = { }; + example = { + "vpn1.company.com" = { + openconnect-args = "--script=/path/to/vpnc-script"; + }; + }; + type = types.attrs; + }; + csdWrapper = mkOption { description = '' A script that will produce a Host Integrity Protection (HIP) report, @@ -29,12 +46,14 @@ in config = mkIf cfg.enable { services.dbus.packages = [ pkgs.globalprotect-openconnect ]; + environment.etc."gpservice/gp.conf".text = lib.generators.toINI { } cfg.settings; + systemd.services.gpservice = { description = "GlobalProtect openconnect DBus service"; serviceConfig = { - Type="dbus"; - BusName="com.yuezk.qt.GPService"; - ExecStart=execStart; + Type = "dbus"; + BusName = "com.yuezk.qt.GPService"; + ExecStart = execStart; }; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; diff --git a/pkgs/tools/networking/globalprotect-openconnect/default.nix b/pkgs/tools/networking/globalprotect-openconnect/default.nix index acda428875e..d62bfd737ec 100644 --- a/pkgs/tools/networking/globalprotect-openconnect/default.nix +++ b/pkgs/tools/networking/globalprotect-openconnect/default.nix @@ -21,10 +21,6 @@ stdenv.mkDerivation rec { patchPhase = '' substituteInPlace GPService/gpservice.h \ --replace /usr/local/bin/openconnect ${openconnect}/bin/openconnect; - substituteInPlace GPClient/settingsdialog.ui \ - --replace /etc/gpservice/gp.conf $out/etc/gpservice/gp.conf; - substituteInPlace GPService/gpservice.cpp \ - --replace /etc/gpservice/gp.conf $out/etc/gpservice/gp.conf; substituteInPlace GPService/CMakeLists.txt \ --replace /etc/gpservice $out/etc/gpservice; ''; |