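{ config, lib, pkgs, ... }:

# NixOS module for the racoon IKE daemon shipped in the ipsec-tools package.
# The unit below sets no User=, so systemd runs the daemon as root, and no
# sandboxing directives are applied; the only inputs are the configuration
# file chosen by the two options and the pid file / state directory paths.

with lib;

let
  cfg = config.services.racoon;

  # Configuration file handed to `racoon -f`.  A non-empty inline `config`
  # string wins and is materialised in the Nix store; otherwise the path in
  # `configPath` is passed through untouched.
  configFile =
    if cfg.config != ""
    then pkgs.writeText "racoon.conf" cfg.config
    else cfg.configPath;
in {
  options.services.racoon = {
    enable = mkEnableOption "racoon";

    config = mkOption {
      description = ''
        Contents of racoon configuration file.

        When non-empty, this text is written to a file in the Nix store,
        which is world-readable.  Do not put secrets in it: keep pre-shared
        keys and similar material in a separate root-only file that the
        configuration references, or leave this empty and point
        `configPath` at a file outside the store.
      '';
      default = "";
      type = types.str;
    };

    configPath = mkOption {
      description = ''
        Location of racoon config if config is not provided.

        Give this as a string (`"/etc/racoon/racoon.conf"`), not as a bare
        Nix path literal: a path literal interpolated into the service's
        command line is copied into the world-readable Nix store.  The
        permissions of the referenced file are not managed by this module.
      '';
      default = "/etc/racoon/racoon.conf";
      type = types.path;
    };
  };

  config = mkIf cfg.enable {
    systemd.services.racoon = {
      description = "Racoon Daemon";
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];
      serviceConfig = {
        ExecStart = "${pkgs.ipsecTools}/bin/racoon -f ${configFile}";
        # NOTE(review): racoonctl presumably reaches the daemon through its
        # admin socket; this module does not set the socket's or /var/racoon's
        # permissions — confirm it is not writable by unprivileged users.
        ExecReload = "${pkgs.ipsecTools}/bin/racoonctl reload-config";
        # Type=forking: racoon is expected to daemonize itself, and systemd
        # identifies the main process through this pid file.
        PIDFile = "/var/run/racoon.pid";
        Type = "forking";
        Restart = "always";
      };
      preStart = ''
        # Remove a stale pid file left by an unclean shutdown so Type=forking
        # cannot latch onto a recycled pid; -f makes a missing file a no-op.
        rm -f /var/run/racoon.pid
        # State directory used by racoon (presumably for its admin socket).
        # No mode is set, so it inherits the service umask — TODO confirm
        # this matches what racoon expects.
        mkdir -p /var/racoon
      '';
    };
  };
}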