programs: implement "default vpn" with native nix code instead of sane-vpn
parent
66d5e204be
commit
bad6a7bfee
|
@ -37,21 +37,24 @@ let
|
||||||
if net == "clearnet" then
|
if net == "clearnet" then
|
||||||
package
|
package
|
||||||
else if net == "vpn" then
|
else if net == "vpn" then
|
||||||
# TODO: update the package's `.desktop` files to ensure they exec the sandboxed app.
|
let
|
||||||
pkgs.symlinkJoin {
|
defaultVpn = lib.findSingle (v: v.default) null null (builtins.attrValues config.sane.vpn);
|
||||||
inherit (package) name;
|
in
|
||||||
paths = [ package ];
|
# TODO: update the package's `.desktop` files to ensure they exec the sandboxed app.
|
||||||
postBuild = ''
|
pkgs.symlinkJoin {
|
||||||
for p in $(ls "$out/bin/"); do
|
inherit (package) name;
|
||||||
unlink "$out/bin/$p"
|
paths = [ package ];
|
||||||
cat <<EOF >> "$out/bin/$p"
|
postBuild = ''
|
||||||
#!/bin/sh
|
for p in $(ls "$out/bin/"); do
|
||||||
exec ${pkgs.sane-scripts.vpn}/bin/sane-vpn do default "${package}/bin/$p" "\$@"
|
unlink "$out/bin/$p"
|
||||||
EOF
|
cat <<EOF >> "$out/bin/$p"
|
||||||
chmod +x "$out/bin/$p"
|
#!/bin/sh
|
||||||
done
|
exec ${pkgs.sane-scripts.vpn}/bin/sane-vpn do ${defaultVpn.name} "${package}/bin/$p" "\$@"
|
||||||
'';
|
EOF
|
||||||
}
|
chmod +x "$out/bin/$p"
|
||||||
|
done
|
||||||
|
'';
|
||||||
|
}
|
||||||
else
|
else
|
||||||
throw "unknown net type '${net}'"
|
throw "unknown net type '${net}'"
|
||||||
);
|
);
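Review bot: `defaultVpn` is `null` both when no VPN has `default` set and when more than one does, because `lib.findSingle` is given `null` for both fallbacks, so the `${defaultVpn.name}` interpolation in the wrapper fails evaluation with a generic "value is null" error instead of naming the misconfiguration. Failing at evaluation is the right direction for a wrapper whose job is to keep the program's traffic on the VPN, but the message should state the cause, e.g. `lib.findSingle (v: v.default) (throw "sane.vpn: no default vpn configured") (throw "sane.vpn: multiple default vpns") (builtins.attrValues config.sane.vpn)`. The multiple case looks reachable: the `default` rule shown in the vpn module compares with `config.id <= other.id`, so two entries sharing an id would both be default. The name is also written unquoted into the generated `/bin/sh` script, which is safe only while vpn names stay free of whitespace and shell metacharacters.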
|
||||||
|
|
|
@ -8,8 +8,14 @@
|
||||||
{ config, lib, pkgs, sane-lib, ... }:
|
{ config, lib, pkgs, sane-lib, ... }:
|
||||||
let
|
let
|
||||||
cfg = config.sane.vpn;
|
cfg = config.sane.vpn;
|
||||||
vpnOpts = with lib; types.submodule {
|
vpnOpts = with lib; types.submodule ({ name, config, ... }: {
|
||||||
options = {
|
options = {
|
||||||
|
name = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
description = ''
|
||||||
|
read-only value: must match the attrName of this vpn.
|
||||||
|
'';
|
||||||
|
};
|
||||||
id = mkOption {
|
id = mkOption {
|
||||||
type = types.ints.between 1 99;
|
type = types.ints.between 1 99;
|
||||||
description = ''
|
description = ''
|
||||||
|
@ -64,9 +70,10 @@ let
|
||||||
};
|
};
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
|
inherit name;
|
||||||
default = builtins.all (other: config.id <= other.id) (builtins.attrValues cfg);
|
default = builtins.all (other: config.id <= other.id) (builtins.attrValues cfg);
|
||||||
};
|
};
|
||||||
};
|
});
|
||||||
mkVpnConfig = name: { id, dns, endpoint, publicKey, addrV4, privateKeyFile, ... }: let
|
mkVpnConfig = name: { id, dns, endpoint, publicKey, addrV4, privateKeyFile, ... }: let
|
||||||
fwmark = id + 10000;
|
fwmark = id + 10000;
|
||||||
bridgeAddrV4 = "10.20.${builtins.toString id}.1/24";
|
bridgeAddrV4 = "10.20.${builtins.toString id}.1/24";
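Review bot: The new `name` option is described as a read-only value, but its `mkOption` sets only `type` and `description`, so the module system does not treat it as read-only; adding `readOnly = true;` would make the description accurate and reject any user definition outright. As written, a user-supplied `name` that differs from the attribute name should only surface as a conflicting-definition error against `inherit name;`. Since the other file in this commit interpolates this value into a shell wrapper, a stricter type such as `types.strMatching "[a-zA-Z0-9_-]+"` would also keep it shell-safe. `mkVpnConfig` continues past the end of the last hunk.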
|
||||||
|
|