Merge remote-tracking branch 'origin/master'

nixos/modules/programs/openvpn3.nix

@@ -1,43 +1,108 @@
 { config, lib, pkgs, ... }:
 
 let
+  json = pkgs.formats.json { };
   cfg = config.programs.openvpn3;
-in
-{
+
+  inherit (lib) mkEnableOption mkPackageOption mkOption literalExpression max options lists;
+  inherit (lib.types) bool submodule ints;
+in {
   options.programs.openvpn3 = {
-    enable = lib.mkEnableOption "the openvpn3 client";
-    package = lib.mkOption {
-      type = lib.types.package;
-      default = pkgs.openvpn3.override {
-        enableSystemdResolved = config.services.resolved.enable;
+    enable = mkEnableOption "the openvpn3 client";
+    package = mkPackageOption pkgs "openvpn3" { };
+    netcfg = mkOption {
+      description = "Network configuration";
+      default = { };
+      type = submodule {
+        options = {
+          settings = mkOption {
+            description = "Options stored in {file}`/etc/openvpn3/netcfg.json` configuration file";
+            default = { };
+            type = submodule {
+              freeformType = json.type;
+              options = {
+                systemd_resolved = mkOption {
+                  type = bool;
+                  description = "Whether to use systemd-resolved integration";
+                  default = config.services.resolved.enable;
+                  defaultText = literalExpression "config.services.resolved.enable";
+                  example = false;
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+    log-service = mkOption {
+      description = "Log service configuration";
+      default = { };
+      type = submodule {
+        options = {
+          settings = mkOption {
+            description = "Options stored in {file}`/etc/openvpn3/log-service.json` configuration file";
+            default = { };
+            type = submodule {
+              freeformType = json.type;
+              options = {
+                journald = mkOption {
+                  description = "Use systemd-journald";
+                  type = bool;
+                  default = true;
+                  example = false;
+                };
+                log_dbus_details = mkOption {
+                  description = "Add D-Bus details in log file/syslog";
+                  type = bool;
+                  default = true;
+                  example = false;
+                };
+                log_level = mkOption {
+                  description = "How verbose should the logging be";
+                  type = (ints.between 0 7) // {
+                    merge = _loc: defs:
+                      lists.foldl max 0 (options.getValues defs);
+                  };
+                  default = 3;
+                  example = 6;
+                };
+                timestamp = mkOption {
+                  description = "Add timestamp log file";
+                  type = bool;
+                  default = false;
+                  example = true;
+                };
+              };
+            };
+          };
+        };
       };
-      defaultText = lib.literalExpression ''pkgs.openvpn3.override {
-        enableSystemdResolved = config.services.resolved.enable;
-      }'';
-      description = ''
-        Which package to use for `openvpn3`.
-      '';
     };
   };
 
   config = lib.mkIf cfg.enable {
-    services.dbus.packages = [
-      cfg.package
-    ];
+    services.dbus.packages = [ cfg.package ];
 
     users.users.openvpn = {
       isSystemUser = true;
       uid = config.ids.uids.openvpn;
       group = "openvpn";
     };
 
-    users.groups.openvpn = {
-      gid = config.ids.gids.openvpn;
+    users.groups.openvpn = { gid = config.ids.gids.openvpn; };
+
+    environment = {
+      systemPackages = [ cfg.package ];
+      etc = {
+        "openvpn3/netcfg.json".source =
+          json.generate "netcfg.json" cfg.netcfg.settings;
+        "openvpn3/log-service.json".source =
+          json.generate "log-service.json" cfg.log-service.settings;
+      };
     };
 
-    environment.systemPackages = [
-      cfg.package
-    ];
+    systemd.packages = [ cfg.package ];
   };
 
+  meta.maintainers = with lib.maintainers; [ shamilton progrm_jarvis ];
 }

pkgs/by-name/db/dbeaver-bin/package.nix

@@ -12,6 +12,7 @@
   glib,
   webkitgtk_4_0,
   glib-networking,
+  override_xmx ? "1024m",
 }:
 
 stdenvNoCC.mkDerivation (finalAttrs: {
@@ -54,6 +55,11 @@ stdenvNoCC.mkDerivation (finalAttrs: {
   dontConfigure = true;
   dontBuild = true;
 
+  prePatch = ''
+    substituteInPlace dbeaver.ini \
+      --replace-fail '-Xmx1024m' '-Xmx${override_xmx}'
+  '';
+
   installPhase =
     if !stdenvNoCC.hostPlatform.isDarwin then
       ''

pkgs/by-name/gd/gdbuspp/package.nix

@@ -0,0 +1,46 @@
+{
+  lib,
+  stdenv,
+  fetchFromGitHub,
+  meson,
+  ninja,
+  glib,
+  pkg-config,
+}:
+
+stdenv.mkDerivation rec {
+  pname = "gdbuspp";
+  version = "2";
+  src = fetchFromGitHub {
+    owner = "OpenVPN";
+    repo = "gdbuspp";
+    rev = "refs/tags/v${version}";
+    hash = "sha256-A0sl4zZa17zMec/jJASE8lDVNohzJzEGZbWjjsorB2Y=";
+  };
+
+  postPatch = ''
+    patchShebangs --build ./scripts/get-git-ref
+  '';
+
+  nativeBuildInputs = [
+    meson
+    ninja
+    pkg-config
+  ];
+
+  buildInputs = [ glib ];
+
+  meta = {
+    description = "GDBus++ - a glib2 D-Bus wrapper for C++";
+    longDescription = ''
+      This library provides a simpler C++ based interface to implement D-Bus
+      into applications in a more C++ approach, based on the C++17 standard.
+    '';
+    homepage = "https://codeberg.org/OpenVPN/gdbuspp";
+    changelog = "https://codeberg.org/OpenVPN/gdbuspp/releases/tag/v${version}";
+    license = lib.licenses.agpl3Only;
+    sourceProvenance = [ lib.sourceTypes.fromSource ];
+    maintainers = [ lib.maintainers.progrm_jarvis ];
+    platforms = lib.platforms.linux;
+  };
+}

pkgs/by-name/op/openvpn3/0001-build-reduce-hardcode-in-asio_path.patch

@@ -0,0 +1,46 @@
+From 30b2528054e6627a7124ac04cb018356ef23d864 Mon Sep 17 00:00:00 2001
+From: Petr Portnov <[email protected]>
+Date: Mon, 2 Sep 2024 22:25:33 +0300
+Subject: [PATCH 1/1] build: reduce hardcode in `asio_path`
+
+Currently, `asio_path` variable value is concatenated with `/asio/include`
+to specify the path to custom `asio` installation.
+The problem is that this is too strict as some distros (namely NixOS)
+may have the `include` directory with a differently named parent.
+Thus this change minimizes the hardcoded part of the path to make it more flexible.
+
+Signed-off-by: Petr Portnov <[email protected]>
+---
+ meson.build       | 2 +-
+ meson_options.txt | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/meson.build b/meson.build
+index c9e0a2d..c01eb8e 100644
+--- a/meson.build
++++ b/meson.build
+@@ -74,7 +74,7 @@ endif
+ #
+ #  Setup additional include header dirs
+ #
+-asio_inc = get_option('asio_path') / 'asio' / 'include'
++asio_inc = get_option('asio_path') / 'include'
+ message ('ASIO library: ' + asio_inc)
+
+ openvpn3_core_inc = get_option('openvpn3_core_path')
+diff --git a/meson_options.txt b/meson_options.txt
+index d9cf02e..43e301e 100644
+--- a/meson_options.txt
++++ b/meson_options.txt
+@@ -26,7 +26,7 @@ option('debug_options', type: 'boolean', value: false,
+ #
+ #  Build environment and related build time options
+ #
+-option('asio_path', type: 'string', value: './vendor/asio',
++option('asio_path', type: 'string', value: './vendor/asio/asio',
+        description: 'Path to the ASIO header files')
+
+ option('openvpn3_core_path', type: 'string', value: './openvpn3-core',
+-- 
+2.43.0
+

pkgs/by-name/op/openvpn3/0002-build-allow-installation-directories-customization.patch

@@ -0,0 +1,115 @@
+From 848cc46d05c203de393d75434a3f571d78687f50 Mon Sep 17 00:00:00 2001
+From: Petr Portnov <[email protected]>
+Date: Sun, 22 Sep 2024 13:16:02 +0300
+Subject: [PATCH] build: allow installation directories' customization
+
+This allows to configure the installation directories
+for systemd and D-Bus files.
+
+Signed-off-by: Petr Portnov <[email protected]>
+---
+ distro/systemd/meson.build |  9 +++++++--
+ meson.build                | 12 ++++++++++--
+ meson_options.txt          | 12 ++++++++++++
+ src/configmgr/meson.build  | 10 ++++++----
+ 4 files changed, 35 insertions(+), 8 deletions(-)
+
+diff --git a/distro/systemd/meson.build b/distro/systemd/meson.build
+index 36d556c..9c636b6 100644
+--- a/distro/systemd/meson.build
++++ b/distro/systemd/meson.build
+@@ -15,12 +15,17 @@ systemd_cfg = configuration_data({
+
+ systemd_service_cfg = dependency('systemd')
+
++systemd_system_unit_dir = get_option('systemd_system_unit_dir')
++if systemd_system_unit_dir == ''
++  systemd_system_unit_dir = systemd_service_cfg.get_variable('systemdsystemunitdir')
++endif
++
+ configure_file(
+     input: 'openvpn3-autoload.service.in',
+     output: 'openvpn3-autoload.service',
+     configuration: systemd_cfg,
+     install: true,
+-    install_dir: systemd_service_cfg.get_variable('systemdsystemunitdir'),
++    install_dir: systemd_system_unit_dir,
+ )
+
+ configure_file(
+@@ -28,7 +33,7 @@ configure_file(
+     output: '[email protected]',
+     configuration: systemd_cfg,
+     install: true,
+-    install_dir: systemd_service_cfg.get_variable('systemdsystemunitdir'),
++    install_dir: systemd_system_unit_dir,
+ )
+
+ custom_target('openvpn3-systemd',
+diff --git a/meson.build b/meson.build
+index 586c72a..ba41440 100644
+--- a/meson.build
++++ b/meson.build
+@@ -203,8 +203,16 @@ message('OpenVPN 3 Linux service binary directory: ' + get_option('prefix') / li
+
+ #
+ #  D-Bus configuration
+-dbus_policy_dir = dep_dbus.get_variable('datadir') / 'dbus-1' / 'system.d'
+-dbus_service_dir = dep_dbus.get_variable('system_bus_services_dir')
++dbus_policy_dir = get_option('dbus_policy_dir')
++if dbus_policy_dir == ''
++    dbus_policy_dir = dep_dbus.get_variable('datadir') / 'dbus-1' / 'system.d'
++endif
++
++dbus_service_dir = get_option('dbus_system_service_dir')
++if dbus_service_dir == ''
++    dbus_service_dir = dep_dbus.get_variable('system_bus_services_dir')
++endif
++
+ dbus_config = {
+     'OPENVPN_USERNAME': get_option('openvpn_username'),
+     'LIBEXEC_PATH': get_option('prefix') / libexec_dir,
+diff --git a/meson_options.txt b/meson_options.txt
+index 43e301e..04809df 100644
+--- a/meson_options.txt
++++ b/meson_options.txt
+@@ -93,6 +93,18 @@ option('use-legacy-polkit-pkla', type: 'feature', value: 'disabled',
+ option('polkit_pkla_rulesdir', type: 'string', value: '',
+        description: 'Override PolicyKit PKLA rules directory')
+
++#
++# Installation
++#
++option('dbus_policy_dir', type: 'string',
++       description: 'D-Bus policy directory')
++option('dbus_system_service_dir', type: 'string',
++       description: 'D-Bus system service directory')
++option('systemd_system_unit_dir', type: 'string',
++       description: 'Path to systemd system unit directory')
++option('create_statedir', type: 'feature', value: 'enabled',
++       description: 'Create directory for OpenVPN 3 state during install phase')
++
+ #
+ #  Testing tools
+ #
+diff --git a/src/configmgr/meson.build b/src/configmgr/meson.build
+index 5d0a649..6f788b7 100644
+--- a/src/configmgr/meson.build
++++ b/src/configmgr/meson.build
+@@ -52,7 +52,9 @@ configure_file(
+     install_dir: dbus_service_dir,
+ )
+
+-# Create the configs directory for persistent configuration profiles
+-# NOTE: Can be replaced with install_emptydir() when Meson 0.60 or newer
+-#       is available on all supported distros
+-meson.add_install_script('sh','-c', 'mkdir -p $DESTDIR@0@'.format(openvpn3_statedir / 'configs'))
++if get_option('create_statedir').enabled()
++    # Create the configs directory for persistent configuration profiles
++    # NOTE: Can be replaced with install_emptydir() when Meson 0.60 or newer
++    #       is available on all supported distros
++    meson.add_install_script('sh','-c', 'mkdir -p $DESTDIR@0@'.format(openvpn3_statedir / 'configs'))
++endif
+-- 
+2.45.2
+