dan/liminix
1
0
Fork 5
Code

pppoe allow secrets for username/password

Browse Source
This commit is contained in:
Daniel Barlow 2024-08-21 00:17:22 +01:00
parent 4cc82e1502
commit 2992771c7e
2 changed files with 20 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
modules/ppp/default.nix
View File

@ -33,8 +33,14 @@ in {
type = liminix.lib.types.service; type = liminix.lib.types.service;
description = "ethernet interface to run PPPoE over"; description = "ethernet interface to run PPPoE over";
}; };
username = mkStringOption "username"; username = mkOption {
password = mkStringOption "password"; type = liminix.lib.types.replacable;
description = "username";
};
password = mkOption {
type = liminix.lib.types.replacable;
description = "password";
};
lcpEcho = { lcpEcho = {
adaptive = mkOption { adaptive = mkOption {
description = "send LCP echo-request frames only if no traffic was received from the peer since the last echo-request was sent"; description = "send LCP echo-request frames only if no traffic was received from the peer since the last echo-request was sent";

16
modules/ppp/pppoe.nix
View File

@ -16,7 +16,7 @@
}: }:
let let
inherit (liminix.services) longrun; inherit (liminix.services) longrun;
inherit (lib) optional optionals concatStringsSep; inherit (lib) optional optionals escapeShellArgs concatStringsSep;
name = "${interface.name}.pppoe"; name = "${interface.name}.pppoe";
ip-up = writeAshScript "ip-up" {} '' ip-up = writeAshScript "ip-up" {} ''
. ${serviceFns} . ${serviceFns}
@ -39,10 +39,18 @@ let
) )
echo >/proc/self/fd/10 echo >/proc/self/fd/10
''; '';
literal_or_output =
let v = o: ({
string = builtins.toJSON;
int = builtins.toJSON;
set = (o: "output(${builtins.toJSON o.service}, ${builtins.toJSON o.path})");
}.${builtins.typeOf o}) o;
in o: "{{ ${v o} }}";
ppp-options' = ["+ipv6" "noauth"] ppp-options' = ["+ipv6" "noauth"]
++ optional debug "debug" ++ optional debug "debug"
++ optionals (username != null) ["name" username] ++ optionals (username != null) ["name" (literal_or_output username)]
++ optionals (password != null) ["password" password] ++ optionals (password != null) ["password" (literal_or_output password)]
++ optional lcpEcho.adaptive "lcp-echo-adaptive" ++ optional lcpEcho.adaptive "lcp-echo-adaptive"
++ optionals (lcpEcho.interval != null) ++ optionals (lcpEcho.interval != null)
["lcp-echo-interval" (builtins.toString lcpEcho.interval)] ["lcp-echo-interval" (builtins.toString lcpEcho.interval)]
@ -64,7 +72,7 @@ longrun {
. ${serviceFns} . ${serviceFns}
mkdir -p /run/${name} mkdir -p /run/${name}
chmod 0700 /run/${name} chmod 0700 /run/${name}
echo ${concatStringsSep " " ppp-options'} | ${output-template}/bin/output-template '{{' '}}' > /run/${name}/${name}.conf echo ${escapeShellArgs ppp-options'} | ${output-template}/bin/output-template '{{' '}}' > /run/${name}/${name}.conf
echo Starting pppoe, pppd pid is $$ echo Starting pppoe, pppd pid is $$
exec ${ppp}/bin/pppd pty "${pppoe}/bin/pppoe ${timeoutOpt} -I $(output ${interface} ifname)" file /run/${name}/${name}.conf exec ${ppp}/bin/pppd pty "${pppoe}/bin/pppoe ${timeoutOpt} -I $(output ${interface} ifname)" file /run/${name}/${name}.conf
''; '';