make options camel case

`mkRenamedOptionModule` has been used to throw warnings if the old
option names are used, while still allowing for the old names to work.
A warning is only thrown for 'vpnnamespaces' as the warnings apparently
do not work for submodules. This might have something to do with
NixOS/nixpkgs#96006

README.md

@@ -9,18 +9,18 @@ A NixOS module which lets you route traffic from systemd services through a VPN
 {
   inputs = {
     nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
-    vpnconfinement.url = "github:Maroka-chan/VPN-Confinement";
-    vpnconfinement.inputs.nixpkgs.follows = "nixpkgs";
+    vpnConfinement.url = "github:Maroka-chan/VPN-Confinement";
+    vpnConfinement.inputs.nixpkgs.follows = "nixpkgs";
   };
 
-  outputs = { self, nixpkgs, vpnconfinement, ... }:
+  outputs = { self, nixpkgs, vpnConfinement, ... }:
   {
     # Change hostname, system, etc. as needed.
     nixosConfigurations.hostname = nixpkgs.lib.nixosSystem {
       system = "x86_64-linux";
       modules = [
         ./configuration.nix
-        vpnconfinement.nixosModules.default
+        vpnConfinement.nixosModules.default
       ];
     };
   };
@@ -33,7 +33,7 @@ A NixOS module which lets you route traffic from systemd services through a VPN
 ## Define VPN network namespace
 
 ```nix
-vpnnamespaces.<name> = { # The name is limited to 7 characters
+vpnNamespaces.<name> = { # The name is limited to 7 characters
   enable = true;
   wireguardConfigFile = <path to secret wireguard config file>;
   accessibleFrom = [
@@ -54,9 +54,9 @@ vpnnamespaces.<name> = { # The name is limited to 7 characters
 ## Add systemd service to VPN network namespace
 
 ```nix
-systemd.services.<name>.vpnconfinement = {
+systemd.services.<name>.vpnConfinement = {
   enable = true;
-  vpnnamespace = "<network namespace name>";
+  vpnNamespace = "<network namespace name>";
 };
 ```
 
@@ -67,7 +67,7 @@ systemd.services.<name>.vpnconfinement = {
 { pkgs, lib, config, ... }:
 {
   # Define VPN network namespace
-  vpnnamespaces.wg = {
+  vpnNamespaces.wg = {
     enable = true;
     wireguardConfigFile = /. + "/secrets/wg0.conf";
     accessibleFrom = [
@@ -83,9 +83,9 @@ systemd.services.<name>.vpnconfinement = {
   };
 
   # Add systemd service to VPN network namespace.
-  systemd.services.transmission.vpnconfinement = {
+  systemd.services.transmission.vpnConfinement = {
     enable = true;
-    vpnnamespace = "wg";
+    vpnNamespace = "wg";
   };
 
   services.transmission = {

flake.nix

@@ -14,8 +14,8 @@
 
       flake = {
         nixosModules = rec {
-          vpnconfinement = ./modules/vpnnetns.nix;
-          default = vpnconfinement;
+          vpnConfinement = ./modules/vpnnetns.nix;
+          default = vpnConfinement;
         };
       };
     };

modules/systemd.nix

@@ -3,7 +3,7 @@ with lib;
 {
   options.systemd.services = mkOption {
     type = types.attrsOf (types.submodule ({ name, config, ... }: {
-      options.vpnconfinement = {
+      options.vpnConfinement = {
         enable = mkOption {
           type = types.bool;
           default = false;
@@ -13,7 +13,7 @@ with lib;
             VPN tunnel and forces a specified DNS.
           '';
         };
-        vpnnamespace = mkOption {
+        vpnNamespace = mkOption {
           type = types.str;
           default = null;
           example = "wg";
@@ -24,9 +24,14 @@ with lib;
         };
       };
 
+      imports = [
+        (mkRenamedOptionModule [ "vpnconfinement" "enable" ] [ "vpnConfinement" "enable" ])
+        (mkRenamedOptionModule [ "vpnconfinement" "vpnnamespace" ] [ "vpnConfinement" "vpnNamespace" ])
+      ];
+
       config = let
-        vpn = config.vpnconfinement.vpnnamespace;
-      in mkIf config.vpnconfinement.enable {
+        vpn = config.vpnConfinement.vpnNamespace;
+      in mkIf config.vpnConfinement.enable {
         bindsTo = [ "${vpn}.service" ];
         after = [ "${vpn}.service" ];
 

modules/vpnnetns.nix

@@ -142,16 +142,17 @@ let
     };
   };
 in {
-  imports = [ ./systemd.nix ]; # Confinement options for systemd services
+  imports = [ ./systemd.nix ] # Confinement options for systemd services
+    ++ [(mkRenamedOptionModule [ "vpnnamespaces" ] [ "vpnNamespaces" ])];
 
-  options.vpnnamespaces = mkOption {
+  options.vpnNamespaces = mkOption {
     type = with types; attrsOf (submodule [ (import ./options.nix) ]);
     default = {};
   };
 
-  config = mkIf (config.vpnnamespaces != {}) {
+  config = mkIf (config.vpnNamespaces != {}) {
     boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
-    systemd.services = mapAttrs' (n: v: nameValuePair n (namespaceToService n v)) config.vpnnamespaces;
+    systemd.services = mapAttrs' (n: v: nameValuePair n (namespaceToService n v)) config.vpnNamespaces;
     systemd.tmpfiles.rules = [ "d /var/run/resolvconf 0755 root root" ]; # Make sure resolvconf path exists
   };
 }

tests/test.nix

@@ -23,7 +23,7 @@
       };
     };
     basicNetns = {
-      vpnnamespaces.wg = {
+      vpnNamespaces.wg = {
         enable = true;
         accessibleFrom = [
           "192.168.0.0/24"
@@ -50,19 +50,19 @@
       networking.dhcpcd.enable = false;
     };
     machine_max_name_length = { pkgs, ... }: base // {
-      vpnnamespaces.vpnname = {
+      vpnNamespaces.vpnname = {
         enable = true;
         wireguardConfigFile = "/etc/wireguard/wg0.conf";
       };
     };
     machine_dash_in_name = { pkgs, ... }: base // {
-      vpnnamespaces.vpn-nam = {
+      vpnNamespaces.vpn-nam = {
         enable = true;
         wireguardConfigFile = "/etc/wireguard/wg0.conf";
       };
     };
     machine_arbitrary_config_name = { pkgs, ... }: base // {
-      vpnnamespaces.vpn-nam = {
+      vpnNamespaces.vpn-nam = {
         enable = true;
         wireguardConfigFile = "/etc/wireguard/wireguardconfiguration.txt";
       };
@@ -77,8 +77,8 @@
       services.prowlarr.enable = true;
 
       systemd.services.prowlarr = {
-        vpnconfinement.enable = true;
-        vpnconfinement.vpnnamespace = "wg";
+        vpnConfinement.enable = true;
+        vpnConfinement.vpnNamespace = "wg";
       };
     };
     machine_no_namespaces = { pkgs, ... }: base // {