7ee5699496
I noticed that openvpn3 is been clobbering my `/etc/resolv.conf` file. I dug around a bit, and it turns out that upstream actually does have support for systemd-resolved. I think it makes sense for us to automatically enable that feature if the system is configured to use systemd-resolved. I opted to not change the default behavior of `pkgs.openvpn3`, but can easily be convinced to change that if folks think I should.
45 lines
941 B
Nix
45 lines
941 B
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.programs.openvpn3;
|
|
in
|
|
{
|
|
options.programs.openvpn3 = {
|
|
enable = mkEnableOption (lib.mdDoc "the openvpn3 client");
|
|
package = mkOption {
|
|
type = types.package;
|
|
default = pkgs.openvpn3.override {
|
|
enableSystemdResolved = config.services.resolved.enable;
|
|
};
|
|
defaultText = literalExpression ''pkgs.openvpn3.override {
|
|
enableSystemdResolved = config.services.resolved.enable;
|
|
}'';
|
|
description = lib.mdDoc ''
|
|
Which package to use for `openvpn3`.
|
|
'';
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
services.dbus.packages = [
|
|
cfg.package
|
|
];
|
|
|
|
users.users.openvpn = {
|
|
isSystemUser = true;
|
|
uid = config.ids.uids.openvpn;
|
|
group = "openvpn";
|
|
};
|
|
|
|
users.groups.openvpn = {
|
|
gid = config.ids.gids.openvpn;
|
|
};
|
|
|
|
environment.systemPackages = [
|
|
cfg.package
|
|
];
|
|
};
|
|
|
|
}
|