Nixpkgs: openvpn: update-resolve-conf.sh not found

I'm not sure this would be such a great idea. Nix/OS already does quite a few things differently from other distributions, so this is not unique. Usually it would be a module's responsibility to set links in /etc and not the package's.

For instance, on my system, I don't even have an /etc/openvpn directory and the config is loaded from the nix store.

Especially in the case of configuration files, which are meant to be adjusted to the environment, I don't see a strong case linking to this script from /etc just because it's a convention. Not sure I understand the part about several services providing many configuration files - could you explain?

If the issue is to reliably find the location of the script, one can use sth like;

> nix-instantiate --eval '<nixpkgs>' -A pkgs.update-resolv-conf.outPath                                                                   
"/nix/store/j2rz5ibq4idfgg015xwrkdjqc9kxc8z5-update-resolv-conf-2017-06-21"

If one were to use a module (like the openvpn module) to generate the config, it's quite straight-forward to point to the location doing sth like;

services.openvpn.servers.myvpn.config = ''
  [...]
  up ${pkgs.update-resolv-conf}/libexec/openvpn/update-resolv-conf
  [...]
'';

cc @abbradar as the maintainer

Hi @d-goldin,

I think there are two problems.

1. The link to /etc/openvpn
   this can be easily bypassed by this command in configuration.nix

environment.etc.openvpn.source = pkgs.update-resolv-conf;

but currently this command is creating:
the following path: /etc/openvpn/libexec/openvpn

1. The presence of libexec/openvpn directories

A modification in the package like this one

installPhase = ''''.
    install -Dm555 update-resolv-conf.sh $out/update-resolv-conf
    install -Dm555 update-systemd-network.sh $out/update-systemd-network
    for i in $out/*; do
      wrapProgram $i --prefix PATH : ${binPath}
    done
  '';

would resolve the issue.

However, I don't see the impact on other applications.

ProtonVpn propose several > 550 configuration files, actually to use this file we must modify the path ( up and down)

Pierre

cc @abbradar as the maintainer

Hi again,

I will leave the question of whether adding a somewhat impure link to /etc from the package is a good idea or not aside.

But I'd like to note that the following:

[...]
environment.etc.openvpn.source = pkgs.update-resolv-conf;

but currently this command is creating:
the following path: /etc/openvpn/libexec/openvpn

Can be addressed by doing something like:

environment.etc."openvpn/update-resolv-conf".source = "${pkgs.update-resolv-conf}/libexec/openvpn/update-resolv-conf";

HI
Thank you for the discussion.
Finally I used the following expression:
environment.etc.openvpn.source = "${pkgs.update-resolv-conf}/libexec/openvpn";

I will make one last comment once I have gone through the major distributions.

redhat
debian
arch

& guix ;-)

Have a good day to you.
Pierre

cc @abbradar

Last recipe works. Thanks!
Is there any more cute way to use openvpn with custom configs in NixOS?

@alexkutsan: I'm not sure what qualifies as cute in that regard, but I'm using services.openvpn.servers

Thank you for your contributions.
This has been automatically marked as stale because it has had no activity for 180 days.
If this is still important to you, we ask that you leave a comment below. Your comment can be as simple as "still important to me". This lets people see that at least one person still cares about this. Someone will have to do this at most twice a year if there is no other activity.
Here are suggestions that might help resolve this more quickly:

1. Search for maintainers and people that previously touched the
   related code and @ mention them in a comment.
2. Ask on the NixOS Discourse. 3. Ask on the #nixos channel on
   irc.freenode.net.