From d2efc3ef70401636ca117b9a4025c0ce2121f0a0 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Thu, 17 Mar 2022 04:04:10 +0100 Subject: [PATCH] nixos/networkmanager: Allow overriding installed plug-ins Now, one can just use `networking.networkmanager.plugins = lib.mkForce [];` if they want to get rid of the plug-ins. Co-authored-by: lassulus --- .../services/networking/networkmanager.nix | 106 +++++++++--------- .../networkmanager/fortisslvpn/default.nix | 1 + .../networkmanager/iodine/default.nix | 1 + .../networkmanager/l2tp/default.nix | 4 + .../networkmanager/openconnect/default.nix | 1 + .../networkmanager/openvpn/default.nix | 1 + .../networkmanager/sstp/default.nix | 1 + .../networkmanager/strongswan/default.nix | 4 + .../networkmanager/vpnc/default.nix | 1 + 9 files changed, 69 insertions(+), 51 deletions(-) diff --git a/nixos/modules/services/networking/networkmanager.nix b/nixos/modules/services/networking/networkmanager.nix index 7a9d9e5428a7..2b3577eb92cb 100644 --- a/nixos/modules/services/networking/networkmanager.nix +++ b/nixos/modules/services/networking/networkmanager.nix @@ -5,18 +5,6 @@ with lib; let cfg = config.networking.networkmanager; - basePackages = with pkgs; [ - modemmanager - networkmanager - networkmanager-fortisslvpn - networkmanager-iodine - networkmanager-l2tp - networkmanager-openconnect - networkmanager-openvpn - networkmanager-vpnc - networkmanager-sstp - ] ++ optional (!delegateWireless && !enableIwd) wpa_supplicant; - delegateWireless = config.networking.wireless.enable == true && cfg.unmanaged != []; enableIwd = cfg.wifi.backend == "iwd"; @@ -145,6 +133,15 @@ let ''; }; + packages = [ + pkgs.modemmanager + pkgs.networkmanager + ] + ++ cfg.plugins + ++ lib.optionals (!delegateWireless && !enableIwd) [ + pkgs.wpa_supplicant + ]; + in { meta = { @@ -227,13 +224,29 @@ in { ''; }; - packages = mkOption { - type = types.listOf types.package; + plugins = mkOption { + type = + let + networkManagerPluginPackage = types.package // { + description = "NetworkManager plug-in"; + check = + p: + lib.assertMsg + (types.package.check p + && p ? networkManagerPlugin + && lib.isString p.networkManagerPlugin) + '' + Package ‘${p.name}’, is not a NetworkManager plug-in. + Those need to have a ‘networkManagerPlugin’ attribute. + ''; + }; + in + types.listOf networkManagerPluginPackage; default = [ ]; description = '' - Extra packages that provide NetworkManager plugins. + List of NetworkManager plug-ins to enable. + Some plug-ins are enabled by the NetworkManager module by default. ''; - apply = list: basePackages ++ list; }; dhcp = mkOption { @@ -380,7 +393,7 @@ in { If you enable this option the networkmanager_strongswan plugin will be added to - the option + the option so you don't need to to that yourself. ''; }; @@ -399,6 +412,9 @@ in { }; imports = [ + (mkRenamedOptionModule + [ "networking" "networkmanager" "packages" ] + [ "networking" "networkmanager" "plugins" ]) (mkRenamedOptionModule [ "networking" "networkmanager" "useDnsmasq" ] [ "networking" "networkmanager" "dns" ]) (mkRemovedOptionModule ["networking" "networkmanager" "dynamicHosts"] '' This option was removed because allowing (multiple) regular users to @@ -426,31 +442,12 @@ in { hardware.wirelessRegulatoryDatabase = true; - environment.etc = with pkgs; { - "NetworkManager/NetworkManager.conf".source = configFile; - - "NetworkManager/VPN/nm-openvpn-service.name".source = - "${networkmanager-openvpn}/lib/NetworkManager/VPN/nm-openvpn-service.name"; - - "NetworkManager/VPN/nm-vpnc-service.name".source = - "${networkmanager-vpnc}/lib/NetworkManager/VPN/nm-vpnc-service.name"; - - "NetworkManager/VPN/nm-openconnect-service.name".source = - "${networkmanager-openconnect}/lib/NetworkManager/VPN/nm-openconnect-service.name"; - - "NetworkManager/VPN/nm-fortisslvpn-service.name".source = - "${networkmanager-fortisslvpn}/lib/NetworkManager/VPN/nm-fortisslvpn-service.name"; - - "NetworkManager/VPN/nm-l2tp-service.name".source = - "${networkmanager-l2tp}/lib/NetworkManager/VPN/nm-l2tp-service.name"; - - "NetworkManager/VPN/nm-iodine-service.name".source = - "${networkmanager-iodine}/lib/NetworkManager/VPN/nm-iodine-service.name"; - - "NetworkManager/VPN/nm-sstp-service.name".source = - "${networkmanager-sstp}/lib/NetworkManager/VPN/nm-sstp-service.name"; - + environment.etc = { + "NetworkManager/NetworkManager.conf".source = configFile; } + // builtins.listToAttrs (map (pkg: nameValuePair "NetworkManager/${pkg.networkManagerPlugin}" { + source = "${pkg}/lib/NetworkManager/${pkg.networkManagerPlugin}"; + }) cfg.plugins) // optionalAttrs cfg.enableFccUnlock { "ModemManager/fcc-unlock.d".source = @@ -460,18 +457,13 @@ in { { "NetworkManager/dispatcher.d/02overridedns".source = overrideNameserversScript; } - // optionalAttrs cfg.enableStrongSwan - { - "NetworkManager/VPN/nm-strongswan-service.name".source = - "${pkgs.networkmanager_strongswan}/lib/NetworkManager/VPN/nm-strongswan-service.name"; - } // listToAttrs (lib.imap1 (i: s: { name = "NetworkManager/dispatcher.d/${dispatcherTypesSubdirMap.${s.type}}03userscript${lib.fixedWidthNumber 4 i}"; value = { mode = "0544"; inherit (s) source; }; }) cfg.dispatcherScripts); - environment.systemPackages = cfg.packages; + environment.systemPackages = packages; users.groups = { networkmanager.gid = config.ids.gids.networkmanager; @@ -490,7 +482,7 @@ in { }; }; - systemd.packages = cfg.packages; + systemd.packages = packages; systemd.tmpfiles.rules = [ "d /etc/NetworkManager/system-connections 0700 root root -" @@ -534,8 +526,20 @@ in { useDHCP = false; }) + { + networkmanager.plugins = with pkgs; [ + networkmanager-fortisslvpn + networkmanager-iodine + networkmanager-l2tp + networkmanager-openconnect + networkmanager-openvpn + networkmanager-vpnc + networkmanager-sstp + ]; + } + (mkIf cfg.enableStrongSwan { - networkmanager.packages = [ pkgs.networkmanager_strongswan ]; + networkmanager.plugins = [ pkgs.networkmanager_strongswan ]; }) (mkIf enableIwd { @@ -559,10 +563,10 @@ in { security.polkit.enable = true; security.polkit.extraConfig = polkitConf; - services.dbus.packages = cfg.packages + services.dbus.packages = packages ++ optional cfg.enableStrongSwan pkgs.strongswanNM ++ optional (cfg.dns == "dnsmasq") pkgs.dnsmasq; - services.udev.packages = cfg.packages; + services.udev.packages = packages; }; } diff --git a/pkgs/tools/networking/networkmanager/fortisslvpn/default.nix b/pkgs/tools/networking/networkmanager/fortisslvpn/default.nix index f97bac13cf7f..da30fc6cbe18 100644 --- a/pkgs/tools/networking/networkmanager/fortisslvpn/default.nix +++ b/pkgs/tools/networking/networkmanager/fortisslvpn/default.nix @@ -74,6 +74,7 @@ stdenv.mkDerivation rec { attrPath = "networkmanager-fortisslvpn"; versionPolicy = "odd-unstable"; }; + networkManagerPlugin = "VPN/nm-fortisslvpn-service.name"; }; meta = with lib; { diff --git a/pkgs/tools/networking/networkmanager/iodine/default.nix b/pkgs/tools/networking/networkmanager/iodine/default.nix index e56d9411b393..8c8d0dd6a322 100644 --- a/pkgs/tools/networking/networkmanager/iodine/default.nix +++ b/pkgs/tools/networking/networkmanager/iodine/default.nix @@ -48,6 +48,7 @@ in stdenv.mkDerivation { packageName = pname; attrPath = "networkmanager-iodine"; }; + networkManagerPlugin = "VPN/nm-iodine-service.name"; }; meta = with lib; { diff --git a/pkgs/tools/networking/networkmanager/l2tp/default.nix b/pkgs/tools/networking/networkmanager/l2tp/default.nix index 5f00c1fa9d8c..88ccad59bd1a 100644 --- a/pkgs/tools/networking/networkmanager/l2tp/default.nix +++ b/pkgs/tools/networking/networkmanager/l2tp/default.nix @@ -41,6 +41,10 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; + passthru = { + networkManagerPlugin = "VPN/nm-l2tp-service.name"; + }; + meta = with lib; { description = "L2TP plugin for NetworkManager"; inherit (networkmanager.meta) platforms; diff --git a/pkgs/tools/networking/networkmanager/openconnect/default.nix b/pkgs/tools/networking/networkmanager/openconnect/default.nix index c03a698514a8..fec313e820b8 100644 --- a/pkgs/tools/networking/networkmanager/openconnect/default.nix +++ b/pkgs/tools/networking/networkmanager/openconnect/default.nix @@ -71,6 +71,7 @@ in stdenv.mkDerivation { attrPath = "networkmanager-openconnect"; versionPolicy = "odd-unstable"; }; + networkManagerPlugin = "VPN/nm-openconnect-service.name"; }; meta = with lib; { diff --git a/pkgs/tools/networking/networkmanager/openvpn/default.nix b/pkgs/tools/networking/networkmanager/openvpn/default.nix index 20a90fffed25..d2cc69a5c5ee 100644 --- a/pkgs/tools/networking/networkmanager/openvpn/default.nix +++ b/pkgs/tools/networking/networkmanager/openvpn/default.nix @@ -36,6 +36,7 @@ in stdenv.mkDerivation { attrPath = "networkmanager-openvpn"; versionPolicy = "odd-unstable"; }; + networkManagerPlugin = "VPN/nm-openvpn-service.name"; }; meta = with lib; { diff --git a/pkgs/tools/networking/networkmanager/sstp/default.nix b/pkgs/tools/networking/networkmanager/sstp/default.nix index f48662344380..8b75db6495f7 100644 --- a/pkgs/tools/networking/networkmanager/sstp/default.nix +++ b/pkgs/tools/networking/networkmanager/sstp/default.nix @@ -54,6 +54,7 @@ in stdenv.mkDerivation { packageName = pname; attrPath = "networkmanager-sstp"; }; + networkManagerPlugin = "VPN/nm-sstp-service.name"; }; meta = with lib; { diff --git a/pkgs/tools/networking/networkmanager/strongswan/default.nix b/pkgs/tools/networking/networkmanager/strongswan/default.nix index cebcec35a314..be0dcf234ffb 100644 --- a/pkgs/tools/networking/networkmanager/strongswan/default.nix +++ b/pkgs/tools/networking/networkmanager/strongswan/default.nix @@ -24,6 +24,10 @@ stdenv.mkDerivation rec { "--with-nm-plugindir=$(out)/lib/NetworkManager" ]; + passthru = { + networkManagerPlugin = "VPN/nm-strongswan-service.name"; + }; + PKG_CONFIG_LIBNM_VPNSERVICEDIR = "$(out)/lib/NetworkManager/VPN"; meta = with lib; { diff --git a/pkgs/tools/networking/networkmanager/vpnc/default.nix b/pkgs/tools/networking/networkmanager/vpnc/default.nix index 70e7104696ee..a094e4271887 100644 --- a/pkgs/tools/networking/networkmanager/vpnc/default.nix +++ b/pkgs/tools/networking/networkmanager/vpnc/default.nix @@ -40,6 +40,7 @@ in stdenv.mkDerivation { attrPath = "networkmanager-vpnc"; versionPolicy = "odd-unstable"; }; + networkManagerPlugin = "VPN/nm-vpnc-service.name"; }; meta = with lib; {