netplan_types/netplan/
authentication.rs

1#[cfg(feature = "serde")]
2use serde::{Deserialize, Serialize};
3
4#[cfg(feature = "derive_builder")]
5use derive_builder::Builder;
6
7/// Netplan supports advanced authentication settings for ethernet and wifi
8/// interfaces, as well as individual wifi networks, by means of the auth block.
9#[derive(Default, Debug, Clone, PartialEq, Eq)]
10#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
11#[cfg_attr(feature = "derive_builder", derive(Builder))]
12#[cfg_attr(feature = "serde", serde(rename_all = "kebab-case"))]
13#[cfg_attr(feature = "schemars", derive(schemars::JsonSchema))]
14pub struct AuthConfig {
15    /// The supported key management modes are none (no key management);
16    /// psk (WPA with pre-shared key, common for home wifi); eap (WPA
17    /// with EAP, common for enterprise wifi); and 802.1x (used primarily
18    /// for wired Ethernet connections).
19    #[cfg_attr(feature = "serde", serde(skip_serializing_if = "Option::is_none"))]
20    pub key_management: Option<KeyManagmentMode>,
21    /// The password string for EAP, or the pre-shared key for WPA-PSK.
22    #[cfg_attr(feature = "serde", serde(skip_serializing_if = "Option::is_none"))]
23    pub password: Option<String>,
24    /// The EAP method to use. The supported EAP methods are tls (TLS),
25    /// peap (Protected EAP), and ttls (Tunneled TLS).
26    #[cfg_attr(feature = "serde", serde(skip_serializing_if = "Option::is_none"))]
27    pub method: Option<AuthMethod>,
28    /// The identity to use for EAP.
29    #[cfg_attr(feature = "serde", serde(skip_serializing_if = "Option::is_none"))]
30    pub identity: Option<String>,
31    /// The identity to pass over the unencrypted channel if the chosen EAP
32    /// method supports passing a different tunnelled identity.
33    #[cfg_attr(feature = "serde", serde(skip_serializing_if = "Option::is_none"))]
34    pub anonymous_identity: Option<String>,
35    /// Path to a file with one or more trusted certificate authority (CA)
36    /// certificates.
37    #[cfg_attr(feature = "serde", serde(skip_serializing_if = "Option::is_none"))]
38    pub ca_certificate: Option<String>,
39    /// Path to a file containing the certificate to be used by the client
40    /// during authentication.
41    #[cfg_attr(feature = "serde", serde(skip_serializing_if = "Option::is_none"))]
42    pub client_certificate: Option<String>,
43    /// Path to a file containing the private key corresponding to
44    /// client-certificate.
45    #[cfg_attr(feature = "serde", serde(skip_serializing_if = "Option::is_none"))]
46    pub client_key: Option<String>,
47    /// Password to use to decrypt the private key specified in
48    /// client-key if it is encrypted.
49    #[cfg_attr(feature = "serde", serde(skip_serializing_if = "Option::is_none"))]
50    pub client_key_password: Option<String>,
51    /// Phase 2 authentication mechanism.
52    #[cfg_attr(feature = "serde", serde(skip_serializing_if = "Option::is_none"))]
53    pub phase2_auth: Option<String>,
54}
55
56#[derive(Debug, Clone, PartialEq, Eq)]
57#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
58#[cfg_attr(feature = "schemars", derive(schemars::JsonSchema))]
59pub enum AuthMethod {
60    #[cfg_attr(feature = "serde", serde(rename = "tls"))]
61    Tls,
62    #[cfg_attr(feature = "serde", serde(rename = "peap"))]
63    Peap,
64    #[cfg_attr(feature = "serde", serde(rename = "ttls"))]
65    Ttls,
66}
67
68#[derive(Debug, Clone, PartialEq, Eq)]
69#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
70#[cfg_attr(feature = "schemars", derive(schemars::JsonSchema))]
71pub enum KeyManagmentMode {
72    #[cfg_attr(feature = "serde", serde(rename = "none"))]
73    None,
74    #[cfg_attr(feature = "serde", serde(rename = "psk"))]
75    Psk,
76    #[cfg_attr(feature = "serde", serde(rename = "eap"))]
77    Eap,
78    #[cfg_attr(feature = "serde", serde(rename = "sae"))]
79    Sae,
80    /// 802.1x
81    #[cfg_attr(feature = "serde", serde(rename = "802.1x"))]
82    EightZeroTwoDotOneX,
83}