diff --git a/glicid/packages/vpn.scm b/glicid/packages/vpn.scm index d498cfb..de4ab89 100644 --- a/glicid/packages/vpn.scm +++ b/glicid/packages/vpn.scm @@ -9,6 +9,7 @@ #:use-module (guix build-system copy) #:use-module (guix build-system go) #:use-module (nonguix build-system binary) + #:use-module (gnu packages certs) #:use-module (gnu packages dns) #:use-module (gnu packages gl) #:use-module (gnu packages golang) @@ -32,7 +33,7 @@ (build-system copy-build-system) (arguments `(#:install-plan `(("netbird" "/bin/")))) - (propagated-inputs (list openresolv iptables nftables ebtables)) + (propagated-inputs (list openresolv iptables nftables ebtables le-certs nss-certs)) (synopsis "NetBird combines a configuration-free peer-to-peer private network and a centralized access control system in a single platform, making it easy to create secure private networks for your organization or home. Connect. NetBird creates a WireGuard-based overlay network that automatically connects your machines over an encrypted tunnel, leaving behind the hassle of opening ports, complex firewall rules, VPN gateways, and so forth. Secure. NetBird enables secure remote access by applying granular access policies while allowing you to manage them intuitively from a single place. Works universally on any infrastructure.") diff --git a/glicid/services/vpn.scm b/glicid/services/vpn.scm index ab3a332..90de51f 100644 --- a/glicid/services/vpn.scm +++ b/glicid/services/vpn.scm @@ -38,11 +38,11 @@ (define-record-type* netbird-configuration make-netbird-configuration netbird-configuration? + (instance-name instance-name (default '(netbird))) (netbird netbird (default netbird-cli)) (config-file config-file (default "/etc/netbird/config.json")) (daemon-addr daemon-addr (default "unix:///var/run/netbird.sock")) - (log-file log-file (default "/var/log/netbird.log")) - ) + (log-file log-file (default "/var/log/netbird.log"))) (define %netbird-activation #~(begin 
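Review bot: Adding `le-certs nss-certs` to `propagated-inputs` in glicid/packages/vpn.scm only puts certificates into a profile where the netbird package itself is installed, while the service hunk in glicid/services/vpn.scm starts the daemon from `#$netbird` and reads the bundle from `/run/current-system/profile/etc/ssl/certs/ca-certificates.crt`. As far as this diff shows, nothing makes the service place a certificate package in the system profile, so on a host that enables the service without listing netbird in the operating-system packages the bundle path may not exist and TLS verification would fail. The service-type definition is outside the diff, so this is inferred; if it holds, extending `profile-service-type` with `nss-certs` from the service would remove the hidden dependency. At minimum a comment such as `;; certs are propagated so that installing netbird system-wide provides the CA bundle the shepherd service points at` should state it.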
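Review bot: The new `instance-name` field of the netbird-configuration record is undocumented, and its name suggests a single name although the default `'(netbird)` is a list of symbols that the service hunk passes straight to `provision`. If the field is meant to allow several daemons (inferred from the name), the other defaults still point every instance at the same `/etc/netbird/config.json`, `unix:///var/run/netbird.sock` and `/var/log/netbird.log`, so two instances would share configuration and control socket unless all three are overridden. I would add a field comment such as `;; list of shepherd provision symbols; give each instance its own config-file, daemon-addr and log-file`. The `(define %netbird-activation` form that follows continues outside the hunk.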
@@ -51,27 +51,27 @@ (define netbird-shepherd-service (match-lambda - (($ netbird config-file daemon-addr log-file) + (($ instance-name netbird config-file daemon-addr log-file) (list (shepherd-service - (provision '(netbird)) + (provision instance-name) (documentation "Run netbird daemon.") - (requirement '(user-processes)) + (requirement '(user-processes networking)) (respawn? #t) (start #~(make-forkexec-constructor (list (string-append #$netbird "/bin/netbird") "service" "run" - "--config" - #$config-file + "--config" #$config-file "--log-level" "info" - "--daemon-addr" - #$daemon-addr - "--log-file" - "console") + "--daemon-addr" #$daemon-addr + "--log-file" "console") #:environment-variables (list - "PATH=/run/current-system/profile/bin:/run/current-system/profile/sbin:/run/current-system/profile/libexec") + "PATH=/run/current-system/profile/bin:/run/current-system/profile/sbin:/run/current-system/profile/libexec" + "CURL_CA_BUNDLE=/run/current-system/profile/etc/ssl/certs/ca-certificates.crt" + "SSL_CERT_FILE=/run/current-system/profile/etc/ssl/certs/ca-certificates.crt" + "SSL_CERT_DIR=/run/current-system/profile/etc/ssl/certs") #:log-file #$log-file )) (stop #~(make-kill-destructor)))))))
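Review bot: The three certificate variables added to `#:environment-variables` carry no comment, and the reason they are needed is not obvious: the list handed to `make-forkexec-constructor` is the daemon's whole environment, so the trust store has to be named there explicitly. A line such as `;; the environment is not inherited: name the system CA bundle so TLS peers can be verified` above the list would record that. The prefix `/run/current-system/profile/etc/ssl/certs` is also written out three times. Binding it once, for example `(define %system-cert-dir "/run/current-system/profile/etc/ssl/certs")`, and building the strings with `string-append` would keep the three paths from drifting apart.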