Semi-automatic update generated by https://github.com/ryantm/nix-update tools. These checks were done:
- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 1.4.3 with grep in /nix/store/y2jkp10za0xpb7slalbfp3qyh9sgls70-NetworkManager-strongswan-1.4.3
- directory tree listing: https://gist.github.com/3d79a64230389ed5f84ff788ad4c56f1
Currently broken on NixOS due to hardcoded modprobe binary path (see
bug #30756 from Oct 2017), no activity on a proposed fix for months.
As the protocol is terribly broken anyways, let's better remove it
completely, and not talk about anymore ;-)
Closes#30756.
l2tp saves its secrets into /etc/ipsec.d but strongswan would not read
them. l2tp checks for /etc/ipsec.secrets includes /etc/ipsec.d and if
not tries to write into it.
Solution:
Have the strongswan module create /etc/ipsec.d and /etc/ipsec.secrets
when networkmanager_l2tp is installed.
Include /etc/ipsec.secrets in
/nix/store/hash-strongswan/etc/ipsec.secrets so that it can find l2tp
secrets.
Also when the ppp 'nopeerdns' option is used, the DNS resolver tries to
write into an alternate file /etc/ppp/resolv.conf. This fails when
/etc/ppp does not exist so the module creates it by default.
the new version brings a new panel in IPsec settings which allows to
reenable old algorithms for IPsec phases 1/2 (dropped in recent libreswan/strongswan etc).
Also updates the homepage with the new one.
Added the boolean option:
networking.networkmanager.enableStrongSwan
which enables the networkmanager_strongswan plugin and adds
strongswanNM to the dbus packages.
This was contributed by @wucke13, @eqyiel and @globin.
Fixes: #29873
* pkgs: refactor needless quoting of homepage meta attribute
A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.
* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit
* Fixed some instances
