Revert "globalprotect-openconnect: remove deprecated 1.x package"

This reverts commit b08d6a664f.

Signed-off-by: Rahul Rameshbabu <sergeantsagara@protonmail.com>
This commit is contained in:
Rahul Rameshbabu 2024-11-13 13:41:34 -08:00
parent 2e88dbad29
commit 8f2fa04fd9
No known key found for this signature in database
GPG Key ID: FF247B3E5411387B
5 changed files with 96 additions and 5 deletions

View File

@ -692,11 +692,10 @@
- `isync` has been updated to version `1.5.0`, which introduces some breaking changes. See the [compatibility concerns](https://sourceforge.net/projects/isync/files/isync/1.5.0/) for more details.
- Legacy package `globalprotect-openconnect` 1.x and related module
`services.globalprotect` were dropped. Two new packages -- `gpauth` and `gpclient`
from the 2.x version of the GlobalProtect-openconnect project -- are added in its
place. The GUI components related to the project are non-free and not
packaged.
- Two new packages -- `gpauth` and `gpclient` from the 2.x version of the
GlobalProtect-openconnect project -- are added in parallel to
`globalprotect-openconnect`. The GUI components related to the project are
non-free and not packaged.
- Compatible string matching for `hardware.deviceTree.overlays` has been changed to a more correct behavior. See [below](#sec-release-24.11-migration-dto-compatible) for details.

View File

@ -1053,6 +1053,7 @@
./services/networking/gdomap.nix
./services/networking/ghostunnel.nix
./services/networking/git-daemon.nix
./services/networking/globalprotect-vpn.nix
./services/networking/gns3-server.nix
./services/networking/gnunet.nix
./services/networking/go-autoconfig.nix

View File

@ -0,0 +1,57 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.globalprotect;
execStart =
if cfg.csdWrapper == null then
"${pkgs.globalprotect-openconnect}/bin/gpservice"
else
"${pkgs.globalprotect-openconnect}/bin/gpservice --csd-wrapper=${cfg.csdWrapper}";
in
{
options.services.globalprotect = {
enable = lib.mkEnableOption "globalprotect";
settings = lib.mkOption {
description = ''
GlobalProtect-openconnect configuration. For more information, visit
<https://github.com/yuezk/GlobalProtect-openconnect/wiki/Configuration>.
'';
default = { };
example = {
"vpn1.company.com" = {
openconnect-args = "--script=/path/to/vpnc-script";
};
};
type = lib.types.attrs;
};
csdWrapper = lib.mkOption {
description = ''
A script that will produce a Host Integrity Protection (HIP) report,
as described at <https://www.infradead.org/openconnect/hip.html>
'';
default = null;
example = lib.literalExpression ''"''${pkgs.openconnect}/libexec/openconnect/hipreport.sh"'';
type = lib.types.nullOr lib.types.path;
};
};
config = lib.mkIf cfg.enable {
services.dbus.packages = [ pkgs.globalprotect-openconnect ];
environment.etc."gpservice/gp.conf".text = lib.generators.toINI { } cfg.settings;
systemd.services.gpservice = {
description = "GlobalProtect openconnect DBus service";
serviceConfig = {
Type = "dbus";
BusName = "com.yuezk.qt.GPService";
ExecStart = execStart;
};
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
};
};
}

View File

@ -0,0 +1,32 @@
{ stdenv, lib, fetchurl
, cmake, qtwebsockets, qtwebengine, qtkeychain, wrapQtAppsHook, openconnect
}:
stdenv.mkDerivation rec {
pname = "globalprotect-openconnect";
version = "1.4.9";
src = fetchurl {
url = "https://github.com/yuezk/GlobalProtect-openconnect/releases/download/v${version}/globalprotect-openconnect-${version}.tar.gz";
hash = "sha256-vhvVKESLbqHx3XumxbIWOXIreDkW3yONDMXMHxhjsvk=";
};
nativeBuildInputs = [ cmake wrapQtAppsHook ];
buildInputs = [ openconnect qtwebsockets qtwebengine qtkeychain ];
patchPhase = ''
substituteInPlace GPService/gpservice.h \
--replace /usr/local/bin/openconnect ${openconnect}/bin/openconnect;
substituteInPlace GPService/CMakeLists.txt \
--replace /etc/gpservice $out/etc/gpservice;
'';
meta = with lib; {
description = "GlobalProtect VPN client (GUI) for Linux based on OpenConnect that supports SAML auth mode";
homepage = "https://github.com/yuezk/GlobalProtect-openconnect";
license = licenses.gpl3Only;
maintainers = [ maintainers.jerith666 ];
platforms = platforms.linux;
};
}

View File

@ -5656,6 +5656,8 @@ with pkgs;
inherit (openconnectPackages) openconnect openconnect_openssl;
globalprotect-openconnect = libsForQt5.callPackage ../tools/networking/globalprotect-openconnect { };
sssd = callPackage ../os-specific/linux/sssd {
inherit (perlPackages) Po4a;
# python312Packages.python-ldap is broken