programs: implement "default vpn" with native nix code instead of sane-vpn

2024-01-21 01:04:31 +00:00 · 2024-01-21 01:04:31 +00:00 · bad6a7bfee
commit bad6a7bfee
parent 66d5e204be
2 changed files with 27 additions and 17 deletions
--- a/modules/programs.nix
+++ b/modules/programs.nix
@ -37,21 +37,24 @@ let
    if net == "clearnet" then
      package
    else if net == "vpn" then
-      # TODO: update the package's `.desktop` files to ensure they exec the sandboxed app.
-      pkgs.symlinkJoin {
-        inherit (package) name;
-        paths = [ package ];
-        postBuild = ''
-          for p in $(ls "$out/bin/"); do
-            unlink "$out/bin/$p"
-            cat <<EOF >> "$out/bin/$p"
-          #!/bin/sh
-          exec ${pkgs.sane-scripts.vpn}/bin/sane-vpn do default "${package}/bin/$p" "\$@"
-          EOF
-            chmod +x "$out/bin/$p"
-          done
-        '';
-      }
+      let
+        defaultVpn = lib.findSingle (v: v.default) null null (builtins.attrValues config.sane.vpn);
+      in
+        # TODO: update the package's `.desktop` files to ensure they exec the sandboxed app.
+        pkgs.symlinkJoin {
+          inherit (package) name;
+          paths = [ package ];
+          postBuild = ''
+            for p in $(ls "$out/bin/"); do
+              unlink "$out/bin/$p"
+              cat <<EOF >> "$out/bin/$p"
+            #!/bin/sh
+            exec ${pkgs.sane-scripts.vpn}/bin/sane-vpn do ${defaultVpn.name} "${package}/bin/$p" "\$@"
+            EOF
+              chmod +x "$out/bin/$p"
+            done
+          '';
+        }
    else
      throw "unknown net type '${net}'"
  );
--- a/modules/vpn.nix
+++ b/modules/vpn.nix
@ -8,8 +8,14 @@
 { config, lib, pkgs, sane-lib, ... }:
 let
  cfg = config.sane.vpn;
-  vpnOpts = with lib; types.submodule {
+  vpnOpts = with lib; types.submodule ({ name, config, ... }: {
    options = {
+      name = mkOption {
+        type = types.str;
+        description = ''
+          read-only value: must match the attrName of this vpn.
+        '';
+      };
      id = mkOption {
        type = types.ints.between 1 99;
        description = ''
@ -64,9 +70,10 @@ let
    };

    config = {
+      inherit name;
      default = builtins.all (other: config.id <= other.id) (builtins.attrValues cfg);
    };
-  };
+  });
  mkVpnConfig = name: { id, dns, endpoint, publicKey, addrV4, privateKeyFile, ... }: let
    fwmark = id + 10000;
    bridgeAddrV4 = "10.20.${builtins.toString id}.1/24";