nixos/openvpn: added restartAfterSleep option

Additional systemd unit that hooks to sleep.target and kills openvpn processes

1 files changed, 18 insertions, 1 deletions

diff --git a/nixos/modules/services/networking/openvpn.nix b/nixos/modules/services/networking/openvpn.nix
index 492a0936fdb..3a255b9172c 100644
--- a/nixos/modules/services/networking/openvpn.nix
+++ b/nixos/modules/services/networking/openvpn.nix
@@ -70,6 +70,16 @@ let
       serviceConfig.Type = "notify";
     };
 
+  restartService = optionalAttrs cfg.restartAfterSleep {
+      openvpn-restart = {
+          wantedBy = [ "sleep.target" ];
+          path = [ pkgs.procps ];
+          script = "pkill --signal SIGHUP --exact openvpn";
+          #SIGHUP makes openvpn process to self-exit and then it got restarted by systemd because of Restart=always
+          description = "Sends a signal to OpenVPN process to trigger a restart after return from sleep";
+        };
+    };
+
 in
 
 {
@@ -201,6 +211,12 @@ in
 
     };
 
+  services.openvpn.restartAfterSleep = mkOption {
+    default = true;
+    type = types.bool;
+    description = lib.mdDoc "Whether OpenVPN clients should be restarted after sleep.";
+    };
+
   };
 
 
@@ -208,7 +224,8 @@ in
 
   config = mkIf (cfg.servers != {}) {
 
-    systemd.services = listToAttrs (mapAttrsFlatten (name: value: nameValuePair "openvpn-${name}" (makeOpenVPNJob value name)) cfg.servers);
+    systemd.services = (listToAttrs (mapAttrsFlatten (name: value: nameValuePair "openvpn-${name}" (makeOpenVPNJob value name)) cfg.servers))
+     // restartService;
 
     environment.systemPackages = [ openvpn ];