commit 5816a8aa0af7a6f3148bbd0c71cbe7fcb6ec7a14 · pyrox.dev/nixpkgs

+40 -43
nixos/modules/services/networking/ifstate.nix
···

       66
       66
        
           "wireguard" = [ "wireguard" ];

     

       67
       67
        
           "xfrm" = [ "xfrm_interface" ];

     

       68
       68
        
         };

     

       69
       69
       +
         # https://github.com/systemd/systemd/blob/main/units/systemd-networkd.service.in

     

       70
       70
       +
         commonServiceConfig = {

     

       71
       71
       +
           after = [

     

       72
       72
       +
             "systemd-udevd.service"

     

       73
       73
       +
             "network-pre.target"

     

       74
       74
       +
             "systemd-sysusers.service"

     

       75
       75
       +
             "systemd-sysctl.service"

     

       76
       76
       +
           ];

     

       77
       77
       +
           before = [

     

       78
       78
       +
             "network.target"

     

       79
       79
       +
             "multi-user.target"

     

       80
       80
       +
             "shutdown.target"

     

       81
       81
       +
             "initrd-switch-root.target"

     

       82
       82
       +
           ];

     

       83
       83
       +
           conflicts = [

     

       84
       84
       +
             "shutdown.target"

     

       85
       85
       +
             "initrd-switch-root.target"

     

       86
       86
       +
           ];

     

       87
       87
       +
           wants = [

     

       88
       88
       +
             "network.target"

     

       89
       89
       +
           ];

     

       90
       90
       +
       

     

       91
       91
       +
           unitConfig = {

     

       92
       92
       +
             # Avoid default dependencies like "basic.target", which prevents ifstate from starting before luks is unlocked.

     

       93
       93
       +
             DefaultDependencies = "no";

     

       94
       94
       +
           };

     

       95
       95
       +
         };

     

       69
       96
        
       in

     

       70
       97
        
       {

     

       71
       98
        
         meta.maintainers = with lib.maintainers; [ marcel ];

     
···

       150
       177
        
               etc."ifstate/ifstate.yaml".source = settingsFormat.generate "ifstate.yaml" cfg.settings cfg.package;

     

       151
       178
        
             };

     

       152
       179
        
       

     

       153
       153
       -
             systemd.services.ifstate = {

     

       180
       180
       +
             systemd.services.ifstate = commonServiceConfig // {

     

       154
       181
        
               description = "IfState";

     

       155
       182
        
       

     

       156
       183
        
               wantedBy = [

     

       157
       184
        
                 "multi-user.target"

     

       158
       185
        
               ];

     

       159
       159
       -
               after = [

     

       160
       160
       -
                 "systemd-udevd.service"

     

       161
       161
       -
                 "network-pre.target"

     

       162
       162
       -
                 "systemd-sysusers.service"

     

       163
       163
       -
                 "systemd-sysctl.service"

     

       164
       164
       -
               ];

     

       165
       165
       -
               before = [

     

       166
       166
       -
                 "network.target"

     

       167
       167
       -
                 "multi-user.target"

     

       168
       168
       -
                 "shutdown.target"

     

       169
       169
       -
                 "initrd-switch-root.target"

     

       170
       170
       -
               ];

     

       171
       171
       -
               conflicts = [

     

       172
       172
       -
                 "shutdown.target"

     

       173
       173
       -
                 "initrd-switch-root.target"

     

       174
       174
       -
               ];

     

       175
       175
       -
               wants = [

     

       176
       176
       -
                 "network.target"

     

       177
       177
       -
               ];

     

       178
       186
        
       

     

       179
       187
        
               # mount is always available on nixos, avoid adding additional store paths to the closure

     

       180
       188
        
               path = [ "/run/wrappers" ];

     
···

       254
       262
        
                   )

     

       255
       263
        
                 ];

     

       256
       264
        
       

     

       257
       257
       -
                 services.ifstate-initrd = {

     

       265
       265
       +
                 # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/system/boot/networkd.nix#L3444

     

       266
       266
       +
                 additionalUpstreamUnits = [

     

       267
       267
       +
                   "network-online.target"

     

       268
       268
       +
                   "network-pre.target"

     

       269
       269
       +
                   "network.target"

     

       270
       270
       +
                   "nss-lookup.target"

     

       271
       271
       +
                   "nss-user-lookup.target"

     

       272
       272
       +
                   "remote-fs-pre.target"

     

       273
       273
       +
                   "remote-fs.target"

     

       274
       274
       +
                 ];

     

       275
       275
       +
       

     

       276
       276
       +
                 services.ifstate-initrd = commonServiceConfig // {

     

       258
       277
        
                   description = "IfState initrd";

     

       259
       278
        
       

     

       260
       279
        
                   wantedBy = [

     

       261
       280
        
                     "initrd.target"

     

       262
       281
        
                   ];

     

       263
       263
       -
                   after = [

     

       264
       264
       -
                     "systemd-udevd.service"

     

       265
       265
       -
                     "network-pre.target"

     

       266
       266
       -
                     "systemd-sysusers.service"

     

       267
       267
       -
                     "systemd-sysctl.service"

     

       268
       268
       -
                   ];

     

       269
       269
       -
                   before = [

     

       270
       270
       -
                     "network.target"

     

       271
       271
       -
                     "multi-user.target"

     

       272
       272
       -
                     "shutdown.target"

     

       273
       273
       -
                     "initrd-switch-root.target"

     

       274
       274
       -
                   ];

     

       275
       275
       -
                   conflicts = [

     

       276
       276
       -
                     "shutdown.target"

     

       277
       277
       -
                     "initrd-switch-root.target"

     

       278
       278
       -
                   ];

     

       279
       279
       -
                   wants = [

     

       280
       280
       -
                     "network.target"

     

       281
       281
       -
                   ];

     

       282
       282
        
       

     

       283
       283
        
                   # mount is always available on nixos, avoid adding additional store paths to the closure

     

       284
       284
        
                   # https://github.com/NixOS/nixpkgs/blob/2b8e2457ebe576ebf41ddfa8452b5b07a8d493ad/nixos/modules/system/boot/systemd/initrd.nix#L550-L551

     
···

       291
       291
        
                     # Otherwise systemd starts ifstate again, after the encryption password was entered by the user

     

       292
       292
        
                     # and we are able to implement the cleanup using ExecStop rather than a separate unit.

     

       293
       293
        
                     RemainAfterExit = true;

     

       294
       294
       -
                     # When using network namespaces pyroute2 expects this directory to exists.

     

       295
       295
       -
                     # @liske is currently investigating whether this should be considered a bug in pyroute2.

     

       296
       296
       -
                     ExecStartPre = "${lib.getExe' pkgs.coreutils "mkdir"} /var/run";

     

       297
       294
        
                     ExecStart = "${lib.getExe initrdCfg.package} --config ${

     

       298
       295
        
                       config.environment.etc."ifstate/ifstate.initrd.yaml".source

     

       299
       296
        
                     } apply";