Commit 672199a3 authored by Fiona Behrens

strongswan: add enableTPM2 option and tpm2-tss library

Add an enableTPM2 option to the strongswan package and
conditionally add tpm2-tss as input. This enables using tpm2 private
keys for strongswan as per documentation [0]

[0]: https://docs.strongswan.org/docs/5.9/tpm/tpm2.html
parent b4169ef9
+4 −0
@@ -5,6 +5,7 @@
, systemd, pam
, curl
, enableTNC            ? false, trousers, sqlite, libxml2
, enableTPM2           ? false, tpm2-tss
, enableNetworkManager ? false, networkmanager
, darwin
, nixosTests
@@ -31,6 +32,7 @@ stdenv.mkDerivation rec {
  buildInputs =
    [ curl gmp python3 ldns unbound openssl pcsclite ]
    ++ lib.optionals enableTNC [ trousers sqlite libxml2 ]
    ++ lib.optional enableTPM2 tpm2-tss
    ++ lib.optionals stdenv.hostPlatform.isLinux [ systemd.dev pam iptables ]
    ++ lib.optionals stdenv.hostPlatform.isDarwin (with darwin.apple_sdk.frameworks; [ SystemConfiguration ])
    ++ lib.optionals enableNetworkManager [ networkmanager glib ];
@@ -80,6 +82,8 @@ stdenv.mkDerivation rec {
         "--with-tss=trousers"
         "--enable-aikgen"
         "--enable-sqlite" ]
    ++ lib.optionals enableTPM2 [
      "--enable-tpm" "--enable-tss-tss2" ]
    ++ lib.optionals enableNetworkManager [
         "--enable-nm"
         "--with-nm-ca-dir=/etc/ssl/certs" ]
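Review bot: `lib.optional enableTPM2 tpm2-tss` in buildInputs has no platform guard, and tpm2-tss is, as far as I know, only marked as supported on Linux in nixpkgs, so an override with `enableTPM2 = true` on Darwin would presumably fail with an unsupported-platform error on the dependency rather than a clear message. Consider `assert enableTPM2 -> stdenv.hostPlatform.isLinux;` ahead of `stdenv.mkDerivation`, or guard the input the way the systemd/pam line is guarded. A short comment next to the new configure flags would also help, e.g. `# tpm plugin + TSS2 stack: lets charon use private keys held in a TPM 2.0`, because `--enable-tpm` and `--enable-tss-tss2` follow directly after the TNC block's `--with-tss=trousers` and the result of enabling both options is not obvious from the visible lines. The argument list and the mkDerivation body continue outside the hunks shown.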
+1 −0
@@ -5037,6 +5037,7 @@ with pkgs;
  stutter = haskell.lib.compose.justStaticExecutables haskellPackages.stutter;
  strongswanTNC = strongswan.override { enableTNC = true; };
  strongswanTPM = strongswan.override { enableTPM2 = true; };
  strongswanNM  = strongswan.override { enableNetworkManager = true; };
  stylish-haskell = haskell.lib.compose.justStaticExecutables haskellPackages.stylish-haskell;