about summary refs log tree commit diff
path: root/nixpkgs/nixos/modules/services/networking/ghostunnel.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/nixos/modules/services/networking/ghostunnel.nix')
-rw-r--r--nixpkgs/nixos/modules/services/networking/ghostunnel.nix40
1 files changed, 20 insertions, 20 deletions
diff --git a/nixpkgs/nixos/modules/services/networking/ghostunnel.nix b/nixpkgs/nixos/modules/services/networking/ghostunnel.nix
index 7a62d378e2c6..79cf80e57bef 100644
--- a/nixpkgs/nixos/modules/services/networking/ghostunnel.nix
+++ b/nixpkgs/nixos/modules/services/networking/ghostunnel.nix
@@ -23,14 +23,14 @@ let
       options = {
 
         listen = mkOption {
-          description = ''
+          description = lib.mdDoc ''
             Address and port to listen on (can be HOST:PORT, unix:PATH).
           '';
           type = types.str;
         };
 
         target = mkOption {
-          description = ''
+          description = lib.mdDoc ''
             Address to forward connections to (can be HOST:PORT or unix:PATH).
           '';
           type = types.str;
@@ -40,43 +40,43 @@ let
           description = ''
             Path to keystore (combined PEM with cert/key, or PKCS12 keystore).
 
-            NB: storepass is not supported because it would expose credentials via <code>/proc/*/cmdline</code>.
+            NB: storepass is not supported because it would expose credentials via <literal>/proc/*/cmdline</literal>.
 
-            Specify this or <code>cert</code> and <code>key</code>.
+            Specify this or <literal>cert</literal> and <literal>key</literal>.
           '';
           type = types.nullOr types.str;
           default = null;
         };
 
         cert = mkOption {
-          description = ''
+          description = lib.mdDoc ''
             Path to certificate (PEM with certificate chain).
 
-            Not required if <code>keystore</code> is set.
+            Not required if `keystore` is set.
           '';
           type = types.nullOr types.str;
           default = null;
         };
 
         key = mkOption {
-          description = ''
+          description = lib.mdDoc ''
             Path to certificate private key (PEM with private key).
 
-            Not required if <code>keystore</code> is set.
+            Not required if `keystore` is set.
           '';
           type = types.nullOr types.str;
           default = null;
         };
 
         cacert = mkOption {
-          description = ''
-            Path to CA bundle file (PEM/X509). Uses system trust store if <code>null</code>.
+          description = lib.mdDoc ''
+            Path to CA bundle file (PEM/X509). Uses system trust store if `null`.
           '';
           type = types.nullOr types.str;
         };
 
         disableAuthentication = mkOption {
-          description = ''
+          description = lib.mdDoc ''
             Disable client authentication, no client certificate will be required.
           '';
           type = types.bool;
@@ -84,7 +84,7 @@ let
         };
 
         allowAll = mkOption {
-          description = ''
+          description = lib.mdDoc ''
             If true, allow all clients, do not check client cert subject.
           '';
           type = types.bool;
@@ -92,7 +92,7 @@ let
         };
 
         allowCN = mkOption {
-          description = ''
+          description = lib.mdDoc ''
             Allow client if common name appears in the list.
           '';
           type = types.listOf types.str;
@@ -100,7 +100,7 @@ let
         };
 
         allowOU = mkOption {
-          description = ''
+          description = lib.mdDoc ''
             Allow client if organizational unit name appears in the list.
           '';
           type = types.listOf types.str;
@@ -108,7 +108,7 @@ let
         };
 
         allowDNS = mkOption {
-          description = ''
+          description = lib.mdDoc ''
             Allow client if DNS subject alternative name appears in the list.
           '';
           type = types.listOf types.str;
@@ -116,7 +116,7 @@ let
         };
 
         allowURI = mkOption {
-          description = ''
+          description = lib.mdDoc ''
             Allow client if URI subject alternative name appears in the list.
           '';
           type = types.listOf types.str;
@@ -124,13 +124,13 @@ let
         };
 
         extraArguments = mkOption {
-          description = "Extra arguments to pass to <code>ghostunnel server</code>";
+          description = lib.mdDoc "Extra arguments to pass to `ghostunnel server`";
           type = types.separatedString " ";
           default = "";
         };
 
         unsafeTarget = mkOption {
-          description = ''
+          description = lib.mdDoc ''
             If set, does not limit target to localhost, 127.0.0.1, [::1], or UNIX sockets.
 
             This is meant to protect against accidental unencrypted traffic on
@@ -216,14 +216,14 @@ in
     services.ghostunnel.enable = mkEnableOption "ghostunnel";
 
     services.ghostunnel.package = mkOption {
-      description = "The ghostunnel package to use.";
+      description = lib.mdDoc "The ghostunnel package to use.";
       type = types.package;
       default = pkgs.ghostunnel;
       defaultText = literalExpression "pkgs.ghostunnel";
     };
 
     services.ghostunnel.servers = mkOption {
-      description = ''
+      description = lib.mdDoc ''
         Server mode ghostunnels (TLS listener -> plain TCP/UNIX target)
       '';
       type = types.attrsOf (types.submodule module);
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-17 13:42:55 +0000