openvpn3: v20 -> v22_dev

[JarvisCraft]

Description of changes

This updates openvpn3 from v20 to v22_dev.
Considering that v20 and v21 currently don't work due to glib problems (see #235986 for details) it is worth jumping to _dev version for now (worth noting that Aur already uses this version).

This PR also adds the gdbuspp module which is a D-Bus library developed by OpenVPN team now used by openvpn3-linux.

Also, the corresponding NixOS module now generates the openvpn3 configs in /etc with the settings exposed via module's configuration.

I've tested the changes on my setup and they seem to fix issues previously observed on v20.

cc @dsommers as suggested by my colleague.

Things done

• Built on platform(s)
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
  • sandbox = relaxed
  • sandbox = true
• Tested, as applicable:
  • NixOS test(s) (look inside nixos/tests)
  • and/or package tests
  • or, for functions and "core" functionality, tests in lib/tests or pkgs/test
  • made sure NixOS tests are linked to the relevant packages
• Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
• Tested basic functionality of all binary files (usually in ./result/bin/)
• 24.11 Release Notes (or backporting 23.11 and 24.05 Release notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
• Fits CONTRIBUTING.md.

---

Add a 👍 reaction to pull requests you find important.

[JarvisCraft]

@SCOTT-HAMILTON, @KFearsoff, hi there!

Since modules allow meta.maintainers, I've added you to that of openvpn3 module (copying the declaration from openvpn3 package). Please make sure to tell me if this is wrong, in which case I will remove you from it

[nixos-discourse]

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/prs-ready-for-review/3032/4300

[KFearsoff]

Thank you for your contribution! I'm truly grateful for your effort, since my schedule and burnout made updating the package hard, and having it not been updated was a lot of psychological pressure. This is also why it took me a while to review, but I digress; excellent work here!

And the technical part is excellent. The Nixpkgs APIs are very well-researched, and the decisions made are rock solid. I couldn't find anything I disagree with, just a few small questions.

Happy to say: LGTM!

[JarvisCraft]

@KFearsoff, thanks a lot for your review and the nice words!

Hope you are fine and will defeat the burnout!

It was thanks to @CertainLach who led me through accurately packaging the app and updating the module (it was an external chat with him), so a lot of credits go to him.

The best of luck to you!

[nixos-discourse]

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/prs-already-reviewed/2617/1846

[JarvisCraft]

@KFearsoff, could you please re-approve?
I've applied the following change via a rebase:

-echo '#define PACKAGE_GUIVERSION "${builtins.replaceStrings ["_"] [":"] version}_{unknown}__s"' >> ./src/build-version.h
+echo '#define PACKAGE_GUIVERSION "${builtins.replaceStrings ["_"] [":"] version}_unknown__s"' >> ./src/build-version.h

[JarvisCraft]

Thanks!

[SuperSandro2000]

please delete lines in patches instead of commenting them

[JarvisCraft]

All done

[SuperSandro2000]

Suggested change

	maintainers = [
	lib.maintainers.shamilton
	lib.maintainers.kfears
	lib.maintainers.progrm_jarvis
	];
	maintainers = with lib.maintainers; [
	shamilton
	kfears
	progrm_jarvis
	];

[JarvisCraft]

Thanks, done

[SuperSandro2000]

The dev output should be choosen automatically

[JarvisCraft]

Fair enough, done

[SuperSandro2000]

Suggested change

	gobject-introspection.dev
	gobject-introspection

this is likely wrong or in the wrong input

[JarvisCraft]

Removed .dev, yet it is consciously on nativeBuildInputs

[SuperSandro2000]

Suggested change

	patchShebangs ** /*.py ** /*.sh \
	patchShebangs **/*.py **/*.sh \

do you mean this?

[JarvisCraft]

This was part of the original openvpn3 (when it rested in pkgs/tools) thus I have kept it as-is, but I will do a re-check.

[JarvisCraft]

UPD: I've actualized the call to patchShebangs, now only patches files which actually need it

[SuperSandro2000]

Suggested change

	echo '#define OPENVPN_VERSION "3.git:unknown:unknown"' > ./src/build-version.h
	echo '#define PACKAGE_GUIVERSION "${builtins.replaceStrings ["_"] [":"] version}_unknown__s"' >> ./src/build-version.h
	echo '#define PACKAGE_NAME "openvpn3-linux"' >> ./src/build-version.h
	echo '#define OPENVPN_VERSION "3.git:unknown:unknown"
	#define PACKAGE_GUIVERSION "${builtins.replaceStrings ["_"] [":"] version}_unknown__s"
	#define PACKAGE_NAME "openvpn3-linux"
	' > ./src/build-version.h

[JarvisCraft]

True, thanks!

[SuperSandro2000]

Suggested change

	description =
	"Options stored in {file}`/etc/openvpn3/log-service.json` configuration file";
	description = "Options stored in {file}`/etc/openvpn3/log-service.json` configuration file";

[JarvisCraft]

This is (and the following) formatting is by nixfmt-rfc-style which is specified by default.nix so I am unsure if I should manually rollback the lines (given that it would move them back again). Correct me if I am wrong

[KFearsoff]

Let's follow the nixfmt-rfc-style

[SuperSandro2000]

Suggested change

	defaultText =
	literalExpression "config.services.resolved.enable";
	defaultText = literalExpression "config.services.resolved.enable";

[JarvisCraft]

(see note above about nixfmt-rfc-style)

[SuperSandro2000]

Suggested change

	description =
	"Options stored in {file}`/etc/openvpn3/netcfg.json` configuration file";
	description = "Options stored in {file}`/etc/openvpn3/netcfg.json` configuration file";

[JarvisCraft]

(see note above about nixfmt-rfc-style)

[SuperSandro2000]

Suggested change

	in {
	options.programs.openvpn3 = let
	inherit (lib)
	mkEnableOption mkPackageOption mkOption literalExpression max options
	lists;
	inherit (lib.types) bool submodule ints;
	in {
	in {
	options.programs.openvpn3 = {

[JarvisCraft]

(see note below about imports' scope)

[SuperSandro2000]

Suggested change

	cfg = config.programs.openvpn3;
	cfg = config.programs.openvpn3;
	inherit (lib) mkEnableOption mkPackageOption mkOption literalExpression max options lists;
	inherit (lib.types) bool submodule ints;

[JarvisCraft]

Given that all of this imports are specific to building module options, is it worth importing them for the whole module?

[KFearsoff]

I think using imports for the entire module is more readable, because you don't use nested let statements. It's also easier to understand - I mean, you don't usually scope the stdlib to module options, so choosing to do that raises some questions.

[JarvisCraft]

@SuperSandro2000, thanks for the detailed review! I've fixed most of the reported issues with the exception of a few specific ones (referenced in the comments).

As for the formatting, should I use nixfmt or nixfmt-rfc-style for the NixOS module?