Revert "globalprotect-openconnect: remove deprecated 1.x package"
This reverts commit b08d6a664f
.
Signed-off-by: Rahul Rameshbabu <sergeantsagara@protonmail.com>
This commit is contained in:
parent
2e88dbad29
commit
8f2fa04fd9
@ -692,11 +692,10 @@
|
||||
|
||||
- `isync` has been updated to version `1.5.0`, which introduces some breaking changes. See the [compatibility concerns](https://sourceforge.net/projects/isync/files/isync/1.5.0/) for more details.
|
||||
|
||||
- Legacy package `globalprotect-openconnect` 1.x and related module
|
||||
`services.globalprotect` were dropped. Two new packages -- `gpauth` and `gpclient`
|
||||
from the 2.x version of the GlobalProtect-openconnect project -- are added in its
|
||||
place. The GUI components related to the project are non-free and not
|
||||
packaged.
|
||||
- Two new packages -- `gpauth` and `gpclient` from the 2.x version of the
|
||||
GlobalProtect-openconnect project -- are added in parallel to
|
||||
`globalprotect-openconnect`. The GUI components related to the project are
|
||||
non-free and not packaged.
|
||||
|
||||
- Compatible string matching for `hardware.deviceTree.overlays` has been changed to a more correct behavior. See [below](#sec-release-24.11-migration-dto-compatible) for details.
|
||||
|
||||
|
@ -1053,6 +1053,7 @@
|
||||
./services/networking/gdomap.nix
|
||||
./services/networking/ghostunnel.nix
|
||||
./services/networking/git-daemon.nix
|
||||
./services/networking/globalprotect-vpn.nix
|
||||
./services/networking/gns3-server.nix
|
||||
./services/networking/gnunet.nix
|
||||
./services/networking/go-autoconfig.nix
|
||||
|
57
nixos/modules/services/networking/globalprotect-vpn.nix
Normal file
57
nixos/modules/services/networking/globalprotect-vpn.nix
Normal file
@ -0,0 +1,57 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.services.globalprotect;
|
||||
|
||||
execStart =
|
||||
if cfg.csdWrapper == null then
|
||||
"${pkgs.globalprotect-openconnect}/bin/gpservice"
|
||||
else
|
||||
"${pkgs.globalprotect-openconnect}/bin/gpservice --csd-wrapper=${cfg.csdWrapper}";
|
||||
in
|
||||
|
||||
{
|
||||
options.services.globalprotect = {
|
||||
enable = lib.mkEnableOption "globalprotect";
|
||||
|
||||
settings = lib.mkOption {
|
||||
description = ''
|
||||
GlobalProtect-openconnect configuration. For more information, visit
|
||||
<https://github.com/yuezk/GlobalProtect-openconnect/wiki/Configuration>.
|
||||
'';
|
||||
default = { };
|
||||
example = {
|
||||
"vpn1.company.com" = {
|
||||
openconnect-args = "--script=/path/to/vpnc-script";
|
||||
};
|
||||
};
|
||||
type = lib.types.attrs;
|
||||
};
|
||||
|
||||
csdWrapper = lib.mkOption {
|
||||
description = ''
|
||||
A script that will produce a Host Integrity Protection (HIP) report,
|
||||
as described at <https://www.infradead.org/openconnect/hip.html>
|
||||
'';
|
||||
default = null;
|
||||
example = lib.literalExpression ''"''${pkgs.openconnect}/libexec/openconnect/hipreport.sh"'';
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.dbus.packages = [ pkgs.globalprotect-openconnect ];
|
||||
|
||||
environment.etc."gpservice/gp.conf".text = lib.generators.toINI { } cfg.settings;
|
||||
|
||||
systemd.services.gpservice = {
|
||||
description = "GlobalProtect openconnect DBus service";
|
||||
serviceConfig = {
|
||||
Type = "dbus";
|
||||
BusName = "com.yuezk.qt.GPService";
|
||||
ExecStart = execStart;
|
||||
};
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
};
|
||||
};
|
||||
}
|
32
pkgs/tools/networking/globalprotect-openconnect/default.nix
Normal file
32
pkgs/tools/networking/globalprotect-openconnect/default.nix
Normal file
@ -0,0 +1,32 @@
|
||||
{ stdenv, lib, fetchurl
|
||||
, cmake, qtwebsockets, qtwebengine, qtkeychain, wrapQtAppsHook, openconnect
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "globalprotect-openconnect";
|
||||
version = "1.4.9";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/yuezk/GlobalProtect-openconnect/releases/download/v${version}/globalprotect-openconnect-${version}.tar.gz";
|
||||
hash = "sha256-vhvVKESLbqHx3XumxbIWOXIreDkW3yONDMXMHxhjsvk=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake wrapQtAppsHook ];
|
||||
|
||||
buildInputs = [ openconnect qtwebsockets qtwebengine qtkeychain ];
|
||||
|
||||
patchPhase = ''
|
||||
substituteInPlace GPService/gpservice.h \
|
||||
--replace /usr/local/bin/openconnect ${openconnect}/bin/openconnect;
|
||||
substituteInPlace GPService/CMakeLists.txt \
|
||||
--replace /etc/gpservice $out/etc/gpservice;
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "GlobalProtect VPN client (GUI) for Linux based on OpenConnect that supports SAML auth mode";
|
||||
homepage = "https://github.com/yuezk/GlobalProtect-openconnect";
|
||||
license = licenses.gpl3Only;
|
||||
maintainers = [ maintainers.jerith666 ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
@ -5656,6 +5656,8 @@ with pkgs;
|
||||
|
||||
inherit (openconnectPackages) openconnect openconnect_openssl;
|
||||
|
||||
globalprotect-openconnect = libsForQt5.callPackage ../tools/networking/globalprotect-openconnect { };
|
||||
|
||||
sssd = callPackage ../os-specific/linux/sssd {
|
||||
inherit (perlPackages) Po4a;
|
||||
# python312Packages.python-ldap is broken
|
||||
|
Loading…
Reference in New Issue
Block a user