summary refs log tree commit diff
path: root/nixos/modules/services/networking/tcpcrypt.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/modules/services/networking/tcpcrypt.nix')
-rw-r--r--nixos/modules/services/networking/tcpcrypt.nix10
1 files changed, 5 insertions, 5 deletions
diff --git a/nixos/modules/services/networking/tcpcrypt.nix b/nixos/modules/services/networking/tcpcrypt.nix
index 2f304165eb4..ee005e11aa3 100644
--- a/nixos/modules/services/networking/tcpcrypt.nix
+++ b/nixos/modules/services/networking/tcpcrypt.nix
@@ -44,9 +44,9 @@ in
       path = [ pkgs.iptables pkgs.tcpcrypt pkgs.procps ];
 
       preStart = ''
-        mkdir -p /var/run/tcpcryptd
-        chown tcpcryptd /var/run/tcpcryptd
-        sysctl -n net.ipv4.tcp_ecn >/run/pre-tcpcrypt-ecn-state
+        mkdir -p /run/tcpcryptd
+        chown tcpcryptd /run/tcpcryptd
+        sysctl -n net.ipv4.tcp_ecn > /run/tcpcryptd/pre-tcpcrypt-ecn-state
         sysctl -w net.ipv4.tcp_ecn=0
 
         iptables -t raw -N nixos-tcpcrypt
@@ -61,8 +61,8 @@ in
       script = "tcpcryptd -x 0x10";
 
       postStop = ''
-        if [ -f /run/pre-tcpcrypt-ecn-state ]; then
-          sysctl -w net.ipv4.tcp_ecn=$(cat /run/pre-tcpcrypt-ecn-state)
+        if [ -f /run/tcpcryptd/pre-tcpcrypt-ecn-state ]; then
+          sysctl -w net.ipv4.tcp_ecn=$(cat /run/tcpcryptd/pre-tcpcrypt-ecn-state)
         fi
 
         iptables -t mangle -D POSTROUTING -j nixos-tcpcrypt || true
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-17 01:27:46 +0000