For one, charon-nm, which is loaded as plugin by NetworkManager, is actually provided by the strongswanNM package. So that’s a different package than the one you configure via services.strongswan-swanctl.strongswan, which uses strongswan, by default (the difference is basically that the latter isn’t compiled with --enable-nm).
The second problem is that even if you changed the package to strongswanNM via service.strongswan-swanctl.strongswan.package, that wouldn’t make a difference. That’s because the strongswan.conf file that’s generated based on extraConfig is passed via STRONGSWAN_CONF environment variable only to the systemd service that strongswan-swanctl installs and that runs charon-systemd. So that won’t have any effect on charon-nm, which is invoked via D-Bus by NetworkManager.
If --sysconfdir is set to /etc when the strongswanNM package was built, you might be able to just create /etc/strongswan.conf manually to change the settings (if not, you might be able to create the file in ${strongswanNM}/etc/). I don’t know NixOS well enough to say for sure.
you can use something like nmapplet to configure it with a gui which is probably the easiest in this case. If you want to have it in your nixos-config, then you can use networking.networkmanager.ensureProfiles (please take a look at the description) and you can use nm2nix to convert existing profiles that you created manually.
Sorry if I’m missing the point but I think you want to setup a strongswan client with network-manager.
Hi thanks for the answers! None of the suggestions helped me so far, I am just not able to tweak the strongswan.conf file, therefore get no VPN connection…