Unverified Commit 8f2fa04f authored by Rahul Rameshbabu's avatar Rahul Rameshbabu
Browse files

Revert "globalprotect-openconnect: remove deprecated 1.x package" 



This reverts commit b08d6a66.

Signed-off-by: default avatarRahul Rameshbabu <sergeantsagara@protonmail.com>
parent 2e88dbad

nixos/doc/manual/release-notes/rl-2411.section.md

+4 −5
Original line number Diff line number Diff line
@@ -692,11 +692,10 @@ 


- `isync` has been updated to version `1.5.0`, which introduces some breaking changes. See the [compatibility concerns](https://sourceforge.net/projects/isync/files/isync/1.5.0/) for more details.



- Legacy package `globalprotect-openconnect` 1.x and related module

  `services.globalprotect` were dropped. Two new packages -- `gpauth` and `gpclient`

  from the 2.x version of the GlobalProtect-openconnect project -- are added in its

  place. The GUI components related to the project are non-free and not

  packaged.

- Two new packages -- `gpauth` and `gpclient` from the 2.x version of the

  GlobalProtect-openconnect project -- are added in parallel to

  `globalprotect-openconnect`. The GUI components related to the project are

  non-free and not packaged.



- Compatible string matching for `hardware.deviceTree.overlays` has been changed to a more correct behavior. See [below](#sec-release-24.11-migration-dto-compatible) for details.

nixos/modules/module-list.nix

+1 −0
Original line number Diff line number Diff line
@@ -1053,6 +1053,7 @@ 
  ./services/networking/gdomap.nix

  ./services/networking/ghostunnel.nix

  ./services/networking/git-daemon.nix

  ./services/networking/globalprotect-vpn.nix

  ./services/networking/gns3-server.nix

  ./services/networking/gnunet.nix

  ./services/networking/go-autoconfig.nix

nixos/modules/services/networking/globalprotect-vpn.nix

0 → 100644
+57 −0
Original line number Diff line number Diff line 
{ config, lib, pkgs, ... }:

let

  cfg = config.services.globalprotect;



  execStart =

    if cfg.csdWrapper == null then

      "${pkgs.globalprotect-openconnect}/bin/gpservice"

    else

      "${pkgs.globalprotect-openconnect}/bin/gpservice --csd-wrapper=${cfg.csdWrapper}";

in



{

  options.services.globalprotect = {

    enable = lib.mkEnableOption "globalprotect";



    settings = lib.mkOption {

      description = ''

        GlobalProtect-openconnect configuration. For more information, visit

        <https://github.com/yuezk/GlobalProtect-openconnect/wiki/Configuration>.

      '';

      default = { };

      example = {

        "vpn1.company.com" = {

          openconnect-args = "--script=/path/to/vpnc-script";

        };

      };

      type = lib.types.attrs;

    };



    csdWrapper = lib.mkOption {

      description = ''

        A script that will produce a Host Integrity Protection (HIP) report,

        as described at <https://www.infradead.org/openconnect/hip.html>

      '';

      default = null;

      example = lib.literalExpression ''"''${pkgs.openconnect}/libexec/openconnect/hipreport.sh"'';

      type = lib.types.nullOr lib.types.path;

    };

  };



  config = lib.mkIf cfg.enable {

    services.dbus.packages = [ pkgs.globalprotect-openconnect ];



    environment.etc."gpservice/gp.conf".text = lib.generators.toINI { } cfg.settings;



    systemd.services.gpservice = {

      description = "GlobalProtect openconnect DBus service";

      serviceConfig = {

        Type = "dbus";

        BusName = "com.yuezk.qt.GPService";

        ExecStart = execStart;

      };

      wantedBy = [ "multi-user.target" ];

      after = [ "network.target" ];

    };

  };

}

pkgs/tools/networking/globalprotect-openconnect/default.nix

0 → 100644
+32 −0
Original line number Diff line number Diff line 
{ stdenv, lib, fetchurl

, cmake, qtwebsockets, qtwebengine, qtkeychain, wrapQtAppsHook, openconnect

}:



stdenv.mkDerivation rec {

  pname = "globalprotect-openconnect";

  version = "1.4.9";



  src = fetchurl {

    url = "https://github.com/yuezk/GlobalProtect-openconnect/releases/download/v${version}/globalprotect-openconnect-${version}.tar.gz";

    hash = "sha256-vhvVKESLbqHx3XumxbIWOXIreDkW3yONDMXMHxhjsvk=";

  };



  nativeBuildInputs = [ cmake wrapQtAppsHook ];



  buildInputs = [ openconnect qtwebsockets qtwebengine qtkeychain ];



  patchPhase = ''

    substituteInPlace GPService/gpservice.h \

      --replace /usr/local/bin/openconnect ${openconnect}/bin/openconnect;

    substituteInPlace GPService/CMakeLists.txt \

      --replace /etc/gpservice $out/etc/gpservice;

  '';



  meta = with lib; {

    description = "GlobalProtect VPN client (GUI) for Linux based on OpenConnect that supports SAML auth mode";

    homepage = "https://github.com/yuezk/GlobalProtect-openconnect";

    license = licenses.gpl3Only;

    maintainers = [ maintainers.jerith666 ];

    platforms = platforms.linux;

  };

}

pkgs/top-level/all-packages.nix

+2 −0
Original line number Diff line number Diff line
@@ -5656,6 +5656,8 @@ with pkgs; 














  inherit (openconnectPackages) openconnect openconnect_openssl;



























  globalprotect-openconnect = libsForQt5.callPackage ../tools/networking/globalprotect-openconnect { };



























  sssd = callPackage ../os-specific/linux/sssd {















    inherit (perlPackages) Po4a;















    # python312Packages.python-ldap is broken