Strongswan + additional plugins (eap-ttls)

Help
1

Hello

Unclear for me how to use strongswan package with Attribute name strongswanTNC
I need eap-ttls plugin and now completelly confused how to enable it.
I tried a few options (please review my module config (now commented options) but unsuccessfully.

{ config, pkgs, ...}:

let
  version	= 2;
  secret	= "mysecret";
  esp_proposals = [ "aes256-sha256-ecp384" ];
  proposals	= [ "aes256-sha256-ecp384" ];
  strongswan    = config.services.strongswan-swanctl.package;

  # strongswan    = callPackage ../tools/networking/strongswan { };
  # strongswanTNC = strongswan.override { enableTNC = true; };

in {

  # nixpkgs.config.strongswan.enableTNC = true;

  # environment.systemPackages = with pkgs; [
  #  (pkgs.strongswan.override { enableTNC = true; })
  # ];

  # strongswan    = callPackage ../tools/networking/strongswan { };
  # strongswanTNC = strongswan.override { enableTNC = true; };

  services.strongswan-swanctl = {
    enable = true;
    swanctl = {
      connections = {
        taras = {
          local_addrs = [ "%any" ];
          remote_addrs = [ "192.x.x.35" ];
          local.main = {
            auth = "eap";
            # aaa_id = "%any";
            id = "aae";
          };
          remote.main = {
            auth = "pubkey";
            id = "%any";
          };
          children = {
            taras = {
              remote_ts = [ "10.20.0.0/15" ];
              start_action = "trap";
              updown = "${strongswan}/libexec/ipsec/_updown iptables";
              inherit esp_proposals;
            };
          };
          inherit version;
          inherit proposals;
        };
      };
      secrets = {
        eap.aae = {
          id.main = "aae";
          inherit secret;
        };
      };
    };
  };
}

Could someone clarify where my mistake is.

Any help is very much appreciated.

Thank you!

2

another words:

[root@aae-third:/]# swanctl
The program ‘swanctl’ is currently not installed. It is provided by
several packages. You can install it by typing one of the following:
  nix-env -iA nixos.strongswan
  nix-env -iA nixos.strongswanNM
  nix-env -iA nixos.strongswanTNC

I need nixos.strongswanTNC exactly, How to choice this one in my nix config?

Thanks for your help

3

Hi,

Why you cannot just install : nix-env -iA nixos.strongswanTNC ?

Best Regards