diff options
author | Maximilian Bosch <maximilian@mbosch.me> | 2018-08-01 21:39:09 +0200 |
---|---|---|
committer | xeji <36407913+xeji@users.noreply.github.com> | 2018-08-01 21:39:09 +0200 |
commit | cd5e01edd9c18405eef429590f4b72d283db9e74 (patch) | |
tree | 4d1225cbfcbb7e3d77b6f08999766224424dac14 /pkgs/tools/networking/ocserv | |
parent | e4ca48c224a10b906cd9689e4531b39741f5b8fd (diff) |
ocserv: init at 0.12.1 (#42871)
`ocserv` is a VPN server which follows the openconnect protocol (https://github.com/openconnect/protocol). The packaging is slightly inspired by the AUR version (https://aur.archlinux.org/packages/ocserv/). This patch initializes the package written in C, the man pages and a module for a simple systemd unit to run the VPN server. The package supports the following authentication methods for the server: * `plain` (mostly username/password) * `pam` The third method (`radius`) is currently not supported since `nixpkgs` misses a packaged client. The module can be used like this: ``` nix { services.ocserv = { enable = true; config = '' ... ''; }; } ``` The option `services.ocserv.config` is required on purpose to ensure that nobody just enables the service and experiences unexpected side-effects on the system. For a full reference, please refer to the man pages, the online docs or the example value. The docs recommend to simply use `nobody` as user, so no extra user has been added to the internal user list. Instead a configuration like this can be used: ``` run-as-user = nobody run-as-group = nogroup ``` /cc @tenten8401 Fixes #42594
Diffstat (limited to 'pkgs/tools/networking/ocserv')
-rw-r--r-- | pkgs/tools/networking/ocserv/default.nix | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/pkgs/tools/networking/ocserv/default.nix b/pkgs/tools/networking/ocserv/default.nix new file mode 100644 index 0000000000000..d6458128b04f9 --- /dev/null +++ b/pkgs/tools/networking/ocserv/default.nix @@ -0,0 +1,26 @@ +{ stdenv, fetchFromGitLab, autoreconfHook, pkgconfig, nettle, gnutls +, libev, protobufc, guile, geoip, libseccomp, gperf, readline +, lz4, libgssglue, ronn, coreutils, pam +}: + +stdenv.mkDerivation rec { + name = "ocserv-${version}"; + version = "0.12.1"; + + src = fetchFromGitLab { + owner = "openconnect"; + repo = "ocserv"; + rev = "ocserv_${stdenv.lib.replaceStrings [ "." ] [ "_" ] version}"; + sha256 = "0jn91a50r3ryj1ph9fzxwy2va877b0b37ahargxzn7biccd8nh0y"; + }; + + nativeBuildInputs = [ autoreconfHook pkgconfig ]; + buildInputs = [ nettle gnutls libev protobufc guile geoip libseccomp gperf readline lz4 libgssglue ronn pam ]; + + meta = with stdenv.lib; { + homepage = https://gitlab.com/openconnect/ocserv; + license = licenses.gpl2; + description = "This program is openconnect VPN server (ocserv), a server for the openconnect VPN client."; + maintainers = with maintainers; [ ma27 ]; + }; +} |