diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/networking/ghostunnel.nix')
-rw-r--r-- | nixpkgs/nixos/modules/services/networking/ghostunnel.nix | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/nixpkgs/nixos/modules/services/networking/ghostunnel.nix b/nixpkgs/nixos/modules/services/networking/ghostunnel.nix index 7a62d378e2c6..79cf80e57bef 100644 --- a/nixpkgs/nixos/modules/services/networking/ghostunnel.nix +++ b/nixpkgs/nixos/modules/services/networking/ghostunnel.nix @@ -23,14 +23,14 @@ let options = { listen = mkOption { - description = '' + description = lib.mdDoc '' Address and port to listen on (can be HOST:PORT, unix:PATH). ''; type = types.str; }; target = mkOption { - description = '' + description = lib.mdDoc '' Address to forward connections to (can be HOST:PORT or unix:PATH). ''; type = types.str; @@ -40,43 +40,43 @@ let description = '' Path to keystore (combined PEM with cert/key, or PKCS12 keystore). - NB: storepass is not supported because it would expose credentials via <code>/proc/*/cmdline</code>. + NB: storepass is not supported because it would expose credentials via <literal>/proc/*/cmdline</literal>. - Specify this or <code>cert</code> and <code>key</code>. + Specify this or <literal>cert</literal> and <literal>key</literal>. ''; type = types.nullOr types.str; default = null; }; cert = mkOption { - description = '' + description = lib.mdDoc '' Path to certificate (PEM with certificate chain). - Not required if <code>keystore</code> is set. + Not required if `keystore` is set. ''; type = types.nullOr types.str; default = null; }; key = mkOption { - description = '' + description = lib.mdDoc '' Path to certificate private key (PEM with private key). - Not required if <code>keystore</code> is set. + Not required if `keystore` is set. ''; type = types.nullOr types.str; default = null; }; cacert = mkOption { - description = '' - Path to CA bundle file (PEM/X509). Uses system trust store if <code>null</code>. + description = lib.mdDoc '' + Path to CA bundle file (PEM/X509). Uses system trust store if `null`. ''; type = types.nullOr types.str; }; disableAuthentication = mkOption { - description = '' + description = lib.mdDoc '' Disable client authentication, no client certificate will be required. ''; type = types.bool; @@ -84,7 +84,7 @@ let }; allowAll = mkOption { - description = '' + description = lib.mdDoc '' If true, allow all clients, do not check client cert subject. ''; type = types.bool; @@ -92,7 +92,7 @@ let }; allowCN = mkOption { - description = '' + description = lib.mdDoc '' Allow client if common name appears in the list. ''; type = types.listOf types.str; @@ -100,7 +100,7 @@ let }; allowOU = mkOption { - description = '' + description = lib.mdDoc '' Allow client if organizational unit name appears in the list. ''; type = types.listOf types.str; @@ -108,7 +108,7 @@ let }; allowDNS = mkOption { - description = '' + description = lib.mdDoc '' Allow client if DNS subject alternative name appears in the list. ''; type = types.listOf types.str; @@ -116,7 +116,7 @@ let }; allowURI = mkOption { - description = '' + description = lib.mdDoc '' Allow client if URI subject alternative name appears in the list. ''; type = types.listOf types.str; @@ -124,13 +124,13 @@ let }; extraArguments = mkOption { - description = "Extra arguments to pass to <code>ghostunnel server</code>"; + description = lib.mdDoc "Extra arguments to pass to `ghostunnel server`"; type = types.separatedString " "; default = ""; }; unsafeTarget = mkOption { - description = '' + description = lib.mdDoc '' If set, does not limit target to localhost, 127.0.0.1, [::1], or UNIX sockets. This is meant to protect against accidental unencrypted traffic on @@ -216,14 +216,14 @@ in services.ghostunnel.enable = mkEnableOption "ghostunnel"; services.ghostunnel.package = mkOption { - description = "The ghostunnel package to use."; + description = lib.mdDoc "The ghostunnel package to use."; type = types.package; default = pkgs.ghostunnel; defaultText = literalExpression "pkgs.ghostunnel"; }; services.ghostunnel.servers = mkOption { - description = '' + description = lib.mdDoc '' Server mode ghostunnels (TLS listener -> plain TCP/UNIX target) ''; type = types.attrsOf (types.submodule module); |