author | sinanmohd <sinan@sinanmohd.com> | 2023-09-08 11:58:26 +0530 |
---|---|---|
committer | sinanmohd <sinan@sinanmohd.com> | 2023-09-08 16:41:05 +0530 |
commit | 068ac0002e87a6760e44574c333bff4eeb895f59 (patch) | |
tree | cfec3b2df44014cc041db5571fe79718337d7b08 | |
parent | 4aabff7d32166e86d88b2941c242ad4a04e803d9 (diff) |
modules/pppd: init secrets
-rw-r--r-- | modules/pppd.nix | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/modules/pppd.nix b/modules/pppd.nix
index 3a5e3a0..c176ec7 100644
--- a/modules/pppd.nix
+++ b/modules/pppd.nix
@@ -27,6 +27,24 @@ in
 description = lib.mdDoc "default config for pppd";
 };
+ secret = {
+ chap = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ description = lib.mdDoc "path to chap secret for pppd";
+ };
+ pap = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ description = lib.mdDoc "path to pap secret for pppd";
+ };
+ srp = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ description = lib.mdDoc "path to srp secret for pppd";
+ };
+ };
+
 script = mkOption {
 default = {};
 description = lib.mdoc ''
@@ -144,6 +162,15 @@ in
 '';
 };
+ enabledSec = let
+ l = attrNames cfg.secret;
+ f = (s: cfg.secret.${s} != null);
+ in filter f l;
+ mkSec = sec : {
+ name = "ppp/${sec}-secrets";
+ value.source = cfg.secret.${sec};
+ };
+
 mkSystemd = peerCfg: {
 name = "pppd-${peerCfg.name}";
 value = {
@@ -223,6 +250,7 @@ in
 etcFiles = listToAttrs (map mkPeers enabledConfigs) //
 listToAttrs (map mkMsh shTypes) //
 listToAttrs (map mkUsh enabledSh) //
+ listToAttrs (map mkSec enabledSec) //
 defaultCfg;
 systemdConfigs = listToAttrs (map mkSystemd enabledConfigs); |
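Review bot: The three `secret.*` options accept `types.path` without saying which kind of path is safe. A Nix path literal (for example `./chap-secrets`) is copied into the world-readable Nix store once it is used as a file source, which would expose the PPP credentials to every local user. The descriptions should say so, for instance `description = lib.mdDoc "path to the chap secrets file; pass a string path to a file provisioned at runtime (a path literal is copied into the world-readable /nix/store)";`, and likewise for `pap` and `srp`. The `mkSec` hunk passes the value straight to `value.source`, so nothing later in this commit guards against it. The enclosing option set starts and ends outside the hunk.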
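Review bot: `mkSec` sets only `value.source`, so if `etcFiles` ends up in `environment.etc` (not visible in this hunk) the entry is presumably a plain symlink, and the secrets file keeps whatever owner and mode the target has. A comment above `mkSec` would make that contract explicit, e.g. `# symlinked as-is: the target must be root-owned and not group/world readable`. A second comment could note that `enabledSec` turns every non-null attribute under `cfg.secret` into a `ppp/<name>-secrets` entry, so a new option there creates a new file without any change to `mkSec`. The `let` block holding these bindings starts and ends outside the hunk.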