From 08b8c6caf215f25e798ba578a71aa7a81c20ebca Mon Sep 17 00:00:00 2001 From: Matthieu Coudron Date: Sat, 6 Apr 2019 10:28:33 +0900 Subject: [PATCH] nixos/strongswan: use strings for secrets. The nixos module artifically enforces type.path whereas the ipsec secret configuration files accept pattern or relative paths. Enforcing absolute paths already caused problems with l2tp vpn: https://github.com/nm-l2tp/NetworkManager-l2tp/issues/108 --- nixos/modules/services/networking/strongswan.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/services/networking/strongswan.nix b/nixos/modules/services/networking/strongswan.nix index 707d24b9220f..41b69039ba7a 100644 --- a/nixos/modules/services/networking/strongswan.nix +++ b/nixos/modules/services/networking/strongswan.nix @@ -54,7 +54,7 @@ in enable = mkEnableOption "strongSwan"; secrets = mkOption { - type = types.listOf types.path; + type = types.listOf types.str; default = []; example = [ "/run/keys/ipsec-foo.secret" ]; description = ''