| blob | 1844b0a88b0a7089eba3943354247f1cdc8b03cc |
1 { config, lib, pkgs, ... }:
3 with lib;
5 let
6 cfg = config.services.softether;
8 package = cfg.package.override { inherit (cfg) dataDir; };
10 in
11 {
13 ###### interface
15 options = {
17 services.softether = {
19 enable = mkEnableOption "SoftEther VPN services";
21 package = mkPackageOption pkgs "softether" { };
23 vpnserver.enable = mkEnableOption "SoftEther VPN Server";
25 vpnbridge.enable = mkEnableOption "SoftEther VPN Bridge";
27 vpnclient = {
28 enable = mkEnableOption "SoftEther VPN Client";
29 up = mkOption {
30 type = types.lines;
31 default = "";
32 description = ''
33 Shell commands executed when the Virtual Network Adapter(s) is/are starting.
34 '';
35 };
36 down = mkOption {
37 type = types.lines;
38 default = "";
39 description = ''
40 Shell commands executed when the Virtual Network Adapter(s) is/are shutting down.
41 '';
42 };
43 };
45 dataDir = mkOption {
46 type = types.path;
47 default = "/var/lib/softether";
48 description = ''
49 Data directory for SoftEther VPN.
50 '';
51 };
53 };
55 };
57 ###### implementation
59 config = mkIf cfg.enable (
61 mkMerge [{
62 environment.systemPackages = [ package ];
64 systemd.services.softether-init = {
65 description = "SoftEther VPN services initial task";
66 wantedBy = [ "network.target" ];
67 serviceConfig = {
68 Type = "oneshot";
69 RemainAfterExit = false;
70 };
71 script = ''
72 for d in vpnserver vpnbridge vpnclient vpncmd; do
73 if ! test -e ${cfg.dataDir}/$d; then
74 ${pkgs.coreutils}/bin/mkdir -m0700 -p ${cfg.dataDir}/$d
75 install -m0600 ${package}${cfg.dataDir}/$d/hamcore.se2 ${cfg.dataDir}/$d/hamcore.se2
76 fi
77 done
78 rm -rf ${cfg.dataDir}/vpncmd/vpncmd
79 ln -s ${package}${cfg.dataDir}/vpncmd/vpncmd ${cfg.dataDir}/vpncmd/vpncmd
80 '';
81 };
82 }
84 (mkIf cfg.vpnserver.enable {
85 systemd.services.vpnserver = {
86 description = "SoftEther VPN Server";
87 after = [ "softether-init.service" ];
88 requires = [ "softether-init.service" ];
89 wantedBy = [ "network.target" ];
90 serviceConfig = {
91 Type = "forking";
92 ExecStart = "${package}/bin/vpnserver start";
93 ExecStop = "${package}/bin/vpnserver stop";
94 };
95 preStart = ''
96 rm -rf ${cfg.dataDir}/vpnserver/vpnserver
97 ln -s ${package}${cfg.dataDir}/vpnserver/vpnserver ${cfg.dataDir}/vpnserver/vpnserver
98 '';
99 postStop = ''
100 rm -rf ${cfg.dataDir}/vpnserver/vpnserver
101 '';
102 };
103 })
105 (mkIf cfg.vpnbridge.enable {
106 systemd.services.vpnbridge = {
107 description = "SoftEther VPN Bridge";
108 after = [ "softether-init.service" ];
109 requires = [ "softether-init.service" ];
110 wantedBy = [ "network.target" ];
111 serviceConfig = {
112 Type = "forking";
113 ExecStart = "${package}/bin/vpnbridge start";
114 ExecStop = "${package}/bin/vpnbridge stop";
115 };
116 preStart = ''
117 rm -rf ${cfg.dataDir}/vpnbridge/vpnbridge
118 ln -s ${package}${cfg.dataDir}/vpnbridge/vpnbridge ${cfg.dataDir}/vpnbridge/vpnbridge
119 '';
120 postStop = ''
121 rm -rf ${cfg.dataDir}/vpnbridge/vpnbridge
122 '';
123 };
124 })
126 (mkIf cfg.vpnclient.enable {
127 systemd.services.vpnclient = {
128 description = "SoftEther VPN Client";
129 after = [ "softether-init.service" ];
130 requires = [ "softether-init.service" ];
131 wantedBy = [ "network.target" ];
132 serviceConfig = {
133 Type = "forking";
134 ExecStart = "${package}/bin/vpnclient start";
135 ExecStop = "${package}/bin/vpnclient stop";
136 };
137 preStart = ''
138 rm -rf ${cfg.dataDir}/vpnclient/vpnclient
139 ln -s ${package}${cfg.dataDir}/vpnclient/vpnclient ${cfg.dataDir}/vpnclient/vpnclient
140 '';
141 postStart = ''
142 sleep 1
143 ${cfg.vpnclient.up}
144 '';
145 postStop = ''
146 rm -rf ${cfg.dataDir}/vpnclient/vpnclient
147 sleep 1
148 ${cfg.vpnclient.down}
149 '';
150 };
151 boot.kernelModules = [ "tun" ];
152 })
154 ]);
156 }