diff options
author | Wei-Ming Yang <rick68@gmail.com> | 2015-08-19 15:37:20 +0800 |
---|---|---|
committer | Wei-Ming Yang <rick68@gmail.com> | 2015-08-21 13:59:00 +0800 |
commit | efd34824eb4c23a135bf2b08b2b53b7777ad350a (patch) | |
tree | cd88245f32820e54717bb07cff1b33fd2193b75a /nixos/modules/services/networking/softether.nix | |
parent | 13576925552b1d0751498fdda22e91a055a1ff6c (diff) | |
download | nixlib-efd34824eb4c23a135bf2b08b2b53b7777ad350a.tar nixlib-efd34824eb4c23a135bf2b08b2b53b7777ad350a.tar.gz nixlib-efd34824eb4c23a135bf2b08b2b53b7777ad350a.tar.bz2 nixlib-efd34824eb4c23a135bf2b08b2b53b7777ad350a.tar.lz nixlib-efd34824eb4c23a135bf2b08b2b53b7777ad350a.tar.xz nixlib-efd34824eb4c23a135bf2b08b2b53b7777ad350a.tar.zst nixlib-efd34824eb4c23a135bf2b08b2b53b7777ad350a.zip |
softether: support SoftEther VPN 4.18
Diffstat (limited to 'nixos/modules/services/networking/softether.nix')
-rw-r--r-- | nixos/modules/services/networking/softether.nix | 150 |
1 files changed, 150 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/softether.nix b/nixos/modules/services/networking/softether.nix new file mode 100644 index 000000000000..49538af7d351 --- /dev/null +++ b/nixos/modules/services/networking/softether.nix @@ -0,0 +1,150 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + pkg = pkgs.softether; + cfg = config.services.softether; + +in +{ + + ###### interface + + options = { + + services.softether = { + + enable = mkEnableOption "SoftEther VPN services"; + + vpnserver.enable = mkEnableOption "SoftEther VPN Server"; + + vpnbridge.enable = mkEnableOption "SoftEther VPN Bridge"; + + vpnclient = { + enable = mkEnableOption "SoftEther VPN Client"; + up = mkOption { + type = types.lines; + default = ""; + description = '' + Shell commands executed when the Virtual Network Adapter(s) is/are starting. + ''; + }; + down = mkOption { + type = types.lines; + default = ""; + description = '' + Shell commands executed when the Virtual Network Adapter(s) is/are shutting down. + ''; + }; + }; + + dataDir = mkOption { + type = types.string; + default = "${pkg.dataDir}"; + description = '' + Data directory for SoftEther VPN. + ''; + }; + + }; + + }; + + ###### implementation + + config = mkIf cfg.enable ( + + mkMerge [{ + environment.systemPackages = [ + (pkgs.lib.overrideDerivation pkg (attrs: { + dataDir = cfg.dataDir; + })) + ]; + jobs.softether = { + description = "SoftEther VPN services initial job"; + startOn = "started network-interfaces"; + preStart = '' + for d in vpnserver vpnbridge vpnclient vpncmd; do + if ! test -e ${cfg.dataDir}/$d; then + ${pkgs.coreutils}/bin/mkdir -m0700 -p ${cfg.dataDir}/$d + install -m0600 ${pkg}${cfg.dataDir}/$d/hamcore.se2 ${cfg.dataDir}/$d/hamcore.se2 + fi + done + rm -rf ${cfg.dataDir}/vpncmd/vpncmd + ln -s ${pkg}${cfg.dataDir}/vpncmd/vpncmd ${cfg.dataDir}/vpncmd/vpncmd + ''; + exec = "true"; + }; + } + + (mkIf (cfg.vpnserver.enable) { + systemd.services.vpnserver = { + description = "SoftEther VPN Server"; + after = [ "network-interfaces.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + ExecStart = "${pkg}/bin/vpnserver start"; + ExecStop = "${pkg}/bin/vpnserver stop"; + Type = "forking"; + }; + preStart = '' + rm -rf ${cfg.dataDir}/vpnserver/vpnserver + ln -s ${pkg}${cfg.dataDir}/vpnserver/vpnserver ${cfg.dataDir}/vpnserver/vpnserver + ''; + postStop = '' + rm -rf ${cfg.dataDir}/vpnserver/vpnserver + ''; + }; + }) + + (mkIf (cfg.vpnbridge.enable) { + systemd.services.vpnbridge = { + description = "SoftEther VPN Bridge"; + after = [ "network-interfaces.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + ExecStart = "${pkg}/bin/vpnbridge start"; + ExecStop = "${pkg}/bin/vpnbridge stop"; + Type = "forking"; + }; + preStart = '' + rm -rf ${cfg.dataDir}/vpnbridge/vpnbridge + ln -s ${pkg}${cfg.dataDir}/vpnbridge/vpnbridge ${cfg.dataDir}/vpnbridge/vpnbridge + ''; + postStop = '' + rm -rf ${cfg.dataDir}/vpnbridge/vpnbridge + ''; + }; + }) + + (mkIf (cfg.vpnclient.enable) { + systemd.services.vpnclient = { + description = "SoftEther VPN Client"; + after = [ "network-interfaces.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + ExecStart = "${pkg}/bin/vpnclient start"; + ExecStop = "${pkg}/bin/vpnclient stop"; + Type = "forking"; + }; + preStart = '' + rm -rf ${cfg.dataDir}/vpnclient/vpnclient + ln -s ${pkg}${cfg.dataDir}/vpnclient/vpnclient ${cfg.dataDir}/vpnclient/vpnclient + ''; + postStart = '' + sleep 1 + ${cfg.vpnclient.up} + ''; + postStop = '' + rm -rf ${cfg.dataDir}/vpnclient/vpnclient + sleep 1 + ${cfg.vpnclient.down} + ''; + }; + boot.kernelModules = [ "tun" ]; + }) + + ]); + +} |