authorsinanmohd <sinan@sinanmohd.com>2023-09-08 11:58:26 +0530
committersinanmohd <sinan@sinanmohd.com>2023-09-08 16:41:05 +0530
commit068ac0002e87a6760e44574c333bff4eeb895f59 (patch)
treecfec3b2df44014cc041db5571fe79718337d7b08
parent4aabff7d32166e86d88b2941c242ad4a04e803d9 (diff)
modules/pppd: init secrets
-rw-r--r--modules/pppd.nix28
1 files changed, 28 insertions, 0 deletions
diff --git a/modules/pppd.nix b/modules/pppd.nix
index 3a5e3a0..c176ec7 100644
--- a/modules/pppd.nix
+++ b/modules/pppd.nix
@@ -27,6 +27,24 @@ in
description = lib.mdDoc "default config for pppd";
};
+ secret = {
+ chap = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ description = lib.mdDoc "path to chap secret for pppd";
+ };
+ pap = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ description = lib.mdDoc "path to pap secret for pppd";
+ };
+ srp = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ description = lib.mdDoc "path to srp secret for pppd";
+ };
+ };
+
script = mkOption {
default = {};
description = lib.mdoc ''
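Review bot: The three new `secret.*` options use `types.nullOr types.path`, which accepts a Nix path literal such as `./chap-secrets` as well as a string. A path literal is copied into the world-readable Nix store once it is used as a file source, as `mkSec` does in the second hunk, so the PPP credentials would be readable by every local user and would travel with any store copy. Either say so in each description, e.g. `description = lib.mdDoc "path to chap secret for pppd; give a string path to a root-only file outside the Nix store, not a path literal";`, or switch the type to `types.nullOr types.str` so the string form is the expected one. The same applies to `pap` and `srp`.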
@@ -144,6 +162,15 @@ in
'';
};
+ enabledSec = let
+ l = attrNames cfg.secret;
+ f = (s: cfg.secret.${s} != null);
+ in filter f l;
+ mkSec = sec : {
+ name = "ppp/${sec}-secrets";
+ value.source = cfg.secret.${sec};
+ };
+
mkSystemd = peerCfg: {
name = "pppd-${peerCfg.name}";
value = {
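Review bot: `mkSec` sets only `value.source`, so the permissions on `ppp/${sec}-secrets` are left to whatever file `cfg.secret.${sec}` points at. Assuming `etcFiles` ends up in `environment.etc` (not visible in these hunks), the entry becomes a plain symlink, and nothing here ensures the secrets file is root-only. Consider adding `value.mode = "0600";` so the file is copied into `/etc/ppp` with restricted permissions. Alternatively, add a comment above `mkSec` stating that the target must already be owned by root with mode 0600. The `mkSystemd` definition that follows continues outside this hunk.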
@@ -223,6 +250,7 @@ in
etcFiles = listToAttrs (map mkPeers enabledConfigs) //
listToAttrs (map mkMsh shTypes) //
listToAttrs (map mkUsh enabledSh) //
+ listToAttrs (map mkSec enabledSec) //
defaultCfg;
systemdConfigs = listToAttrs (map mkSystemd enabledConfigs);