author | Igor Pashev <pashev.igor@gmail.com> | 2016-09-29 13:51:44 +0300 |
---|---|---|
committer | Igor Pashev <pashev.igor@gmail.com> | 2016-09-29 13:51:44 +0300 |
commit | 62f28d30a069135f9c48678507203958adfc334f (patch) | |
tree | 7f38af0c8d3f445ee8cc50906a639baec7011127 /modules/apps/strongswan/options/conn.nix | |
parent | 1af9e6589bdd18e6ba7eeabf073aa7d710020cdd (diff) | |
download | nixsap-62f28d30a069135f9c48678507203958adfc334f.tar.gz |
Moved everything into ./modules
Diffstat (limited to 'modules/apps/strongswan/options/conn.nix')
-rw-r--r-- | modules/apps/strongswan/options/conn.nix | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/modules/apps/strongswan/options/conn.nix b/modules/apps/strongswan/options/conn.nix
new file mode 100644
index 0000000..ac1d88c
--- /dev/null
+++ b/modules/apps/strongswan/options/conn.nix
@@ -0,0 +1,88 @@
+{ config, lib, ... }:
+
+let
+
+ inherit (lib) foldl attrNames head;
+ inherit (lib.types) int str path either listOf enum;
+ inherit (import ./lib.nix lib) boolean boolOr default optional;
+
+ leftright = map
+ (a: let n = head (attrNames a);
+ in {
+ "left${n}" = a."${n}";
+ "right${n}" = a."${n}";
+ })
+ [
+ { allowany = optional boolean; }
+ { auth = optional str; }
+ { auth2 = optional str; }
+ { ca = optional str; }
+ { ca2 = optional str; }
+ { cert = optional path; }
+ { cert2 = optional path; }
+ { dns = optional (either str (listOf str)); }
+ { firewall = optional boolean; }
+ { groups = optional (either str (listOf str)); }
+ { hostaccess = optional boolean; }
+ { id = optional str; }
+ { id2 = optional str; }
+ { policy = optional (either str (listOf str)); }
+ { sendcert = optional (boolOr [ "never" "always" "ifasked" ]); }
+ { sigkey = optional (either str path); }
+ { sourceip = optional str; }
+ { subnet = optional (either str (listOf str)); }
+ { updown = optional path; }
+ ];
+
+ conn = leftright ++ [
+ { aaa_identity = optional str; }
+ { aggressive = optional boolean; }
+ { ah = optional (either str (listOf str)); }
+ { also = optional str; }
+ { authby = optional (enum [ "pubkey" "rsasig" "ecdsasig" "psk" "secret" "xauthrsasig" "xauthpsk" "never" ]); }
+ { auto = optional (enum [ "ignore" "add" "route" "start" ]); }
+ { closeaction = optional (enum [ "none" "clear" "hold" "restart" ]); }
+ { compress = optional boolean; }
+ { dpdaction = optional (enum [ "none" "clear" "hold" "restart" ]); }
+ { dpddelay = optional int; }
+ { dpdtimeout = optional int; }
+ { eap_identity = optional str; }
+ { esp = optional (either str (listOf str)); }
+ { forceencaps = optional boolean; }
+ { fragmentation = optional (boolOr [ "force" ]); }
+ { ike = optional (either str (listOf str)); }
+ { ikedscp = optional str; }
+ { ikelifetime = optional int; }
+ { inactivity = optional int; }
+ { installpolicy = optional boolean; }
+ { keyexchange = optional (enum [ "ikev1" "ikev2" ]); }
+ { keyingtries = optional (either int (enum [ "%forever" ])); }
+ { left = optional str; }
+ { lifebytes = optional int; }
+ { lifepackets = optional int; }
+ { lifetime = optional int; }
+ { marginbytes = optional int; }
+ { marginpackets = optional int; }
+ { mark = optional str; }
+ { mark_in = optional str; }
+ { mark_out = optional str; }
+ { me_peerid = optional str; }
+ { mediated_by = optional str; }
+ { mediation = optional boolean; }
+ { mobike = optional boolean; }
+ { modeconfig = optional (enum [ "push" "pull" ]); }
+ { reauth = optional boolean; }
+ { rekey = optional boolean; }
+ { rekeyfuzz = optional int; }
+ { replay_window = optional int; }
+ { reqid = optional int; }
+ { right = optional str; }
+ { tfc = optional (either int (enum [ "%mtu" ])); }
+ { type = optional (enum [ "tunnel" "transport" "transport_proxy" "passthrough" "drop" ]); }
+ { xauth = optional (enum [ "client" "server" ]); }
+ { xauth_identity = optional str; }
+ ];
+
+in {
+ options = foldl (a: b: a//b) {} conn;
+} |
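Review bot: In the `conn` list, `aggressive` (boolean) and `authby` (which admits `"psk"`, `"secret"` and `"xauthpsk"`) can be set together, and nothing in this file documents or rejects the pairing; IKEv1 aggressive mode with a pre-shared key sends a PSK-derived hash that an observer can attack offline. I would add a comment above those entries, e.g. `# aggressive + PSK exposes a PSK-derived hash to offline guessing; prefer keyexchange = "ikev2" with certificate auth`, and, wherever these options are rendered into the connection config (not visible here), an assertion that refuses the combination. The free-form string types on `ike`, `esp` and `ah` likewise let any proposal string through, so a short comment pointing at the expected cipher-suite syntax would help reviewers spot weak proposals. Separately, `default` is inherited from `./lib.nix` but is not used anywhere in this hunk.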