diff options
author | Jörg Thalheim <joerg@higgsboson.tk> | 2016-11-16 21:47:11 +0000 |
---|---|---|
committer | Jörg Thalheim <joerg@higgsboson.tk> | 2016-12-17 15:23:34 +0100 |
commit | d49e0d5fa5c245ab4e8675ba7fd286d848484fb2 (patch) | |
tree | 9edca3ccb594d50f94c5f2d91383cc7f17b644e8 /nixos/modules/system | |
parent | 45c1c50dddc76ed8f205c7d23ea7e1418fc67055 (diff) | |
download | nixpkgs-d49e0d5fa5c245ab4e8675ba7fd286d848484fb2.tar nixpkgs-d49e0d5fa5c245ab4e8675ba7fd286d848484fb2.tar.gz nixpkgs-d49e0d5fa5c245ab4e8675ba7fd286d848484fb2.tar.bz2 nixpkgs-d49e0d5fa5c245ab4e8675ba7fd286d848484fb2.tar.lz nixpkgs-d49e0d5fa5c245ab4e8675ba7fd286d848484fb2.tar.xz nixpkgs-d49e0d5fa5c245ab4e8675ba7fd286d848484fb2.tar.zst nixpkgs-d49e0d5fa5c245ab4e8675ba7fd286d848484fb2.zip |
networkd: allow to supply own unit files
Networkd units can contain secrets. In future also wireguard vpn will be supported by networkd. To avoid leakage of private keys, those could be then also put outside of the /nix/store Having a writeable /etc/systemd/network also allows to quick fix network issues, when upgrading `nixos-rebuild switch` would require network on its own (due updates).
Diffstat (limited to 'nixos/modules/system')
-rw-r--r-- | nixos/modules/system/boot/networkd.nix | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/nixos/modules/system/boot/networkd.nix b/nixos/modules/system/boot/networkd.nix index e5ec70d8690..86237ea6ac7 100644 --- a/nixos/modules/system/boot/networkd.nix +++ b/nixos/modules/system/boot/networkd.nix @@ -606,6 +606,10 @@ let ''; }; + unitFiles = map (name: { + target = "systemd/network/${name}"; + source = "${cfg.units.${name}.unit}/${name}"; + }) (attrNames cfg.units); in { @@ -657,17 +661,15 @@ in systemd.additionalUpstreamSystemUnits = [ "systemd-networkd.service" "systemd-networkd-wait-online.service" ]; - systemd.network.units = - mapAttrs' (n: v: nameValuePair "${n}.link" (linkToUnit n v)) cfg.links + systemd.network.units = mapAttrs' (n: v: nameValuePair "${n}.link" (linkToUnit n v)) cfg.links // mapAttrs' (n: v: nameValuePair "${n}.netdev" (netdevToUnit n v)) cfg.netdevs // mapAttrs' (n: v: nameValuePair "${n}.network" (networkToUnit n v)) cfg.networks; - environment.etc."systemd/network".source = - generateUnits "network" cfg.units [] []; + environment.etc = unitFiles; systemd.services.systemd-networkd = { wantedBy = [ "multi-user.target" ]; - restartTriggers = [ config.environment.etc."systemd/network".source ]; + restartTriggers = map (f: f.source) (unitFiles); }; systemd.services.systemd-networkd-wait-online = { |