pyrox.dev / nixpkgs
lol
fork atom

openvpn: add option to store credentials

Leon Schuermann e45a06eb 940d1a99

options
unified split
Changed files
+26
nixos
modules
services
networking
openvpn.nix
+26
nixos/modules/services/networking/openvpn.nix 
···

       
50

       
50

       
 

       
              "up ${pkgs.writeScript "openvpn-${name}-up" upScript}"}


     

       
51

       
51

       
 

       
          ${optionalString (cfg.down != "" || cfg.updateResolvConf)


     

       
52

       
52

       
 

       
              "down ${pkgs.writeScript "openvpn-${name}-down" downScript}"}


     

       

       
53

       
+

       
          ${optionalString (cfg.authUserPass != null)


     

       

       
54

       
+

       
              "auth-user-pass ${pkgs.writeText "openvpn-credentials-${name}" ''


     

       

       
55

       
+

       
                ${cfg.authUserPass.username}


     

       

       
56

       
+

       
                ${cfg.authUserPass.password}


     

       

       
57

       
+

       
              ''}"}


     

       
53

       
58

       
 

       
        '';


     

       
54

       
59

       
 

       



     

       
55

       
60

       
 

       
    in {


     
···

       
161

       
166

       
 

       
            '';


     

       
162

       
167

       
 

       
          };


     

       
163

       
168

       
 

       



     

       

       
169

       
+

       
          authUserPass = mkOption {


     

       

       
170

       
+

       
            default = null;


     

       

       
171

       
+

       
            description = ''


     

       

       
172

       
+

       
              This option can be used to store the username / password credentials


     

       

       
173

       
+

       
              with the "auth-user-pass" authentication method.


     

       

       
174

       
+

       
            '';


     

       

       
175

       
+

       
            type = types.nullOr (types.submodule {


     

       

       
176

       
+

       



     

       

       
177

       
+

       
              options = {


     

       

       
178

       
+

       
                username = mkOption {


     

       

       
179

       
+

       
                  description = "The username to store inside the credentials file.";


     

       

       
180

       
+

       
                  type = types.string;


     

       

       
181

       
+

       
                };


     

       

       
182

       
+

       



     

       

       
183

       
+

       
                password = mkOption {


     

       

       
184

       
+

       
                  description = "The password to store inside the credentials file.";


     

       

       
185

       
+

       
                  type = types.string;


     

       

       
186

       
+

       
                };


     

       

       
187

       
+

       
              };


     

       

       
188

       
+

       
            });


     

       

       
189

       
+

       
          };


     

       
164

       
190

       
 

       
        };


     

       
165

       
191

       
 

       



     

       
166

       
192

       
 

       
      });