network-link-*.service: Set stopIfChanged = false

This reduces the time window during which IP addresses are gone during
switch-to-configuration. A complication is that with stopIfChanged =
true, preStop would try to delete the *new* IP addresses rather than
the old ones (since the preStop script now runs after the switch to the
new configuration). So we now record the actually configured addresses
in /run/nixos/network/addresses/<interface>. This is more robust in
any case.

Issue https://github.com/NixOS/nixops/issues/640.
Eelco Dolstra 2017-04-04 14:18:49 +02:00
parent 3a9c217804
commit 01dbf03628
No known key found for this signature in database
GPG Key ID: 8170B4726D7198DE
2 changed files with 20 additions and 13 deletions


@ -64,7 +64,7 @@ in
systemd.packages = [ pkgs.polkit.out ]; systemd.packages = [ pkgs.polkit.out ];
systemd.services.polkit.restartTriggers = [ config.system.path ]; systemd.services.polkit.restartTriggers = [ config.system.path ];
systemd.services.polkit.unitConfig.X-StopIfChanged = false; systemd.services.polkit.stopIfChanged = false;
# The polkit daemon reads action/rule files # The polkit daemon reads action/rule files
environment.pathsToLink = [ "/share/polkit-1" ]; environment.pathsToLink = [ "/share/polkit-1" ];


@ -159,35 +159,42 @@ let
after = [ "network-pre.target" ] ++ (deviceDependency i.name); after = [ "network-pre.target" ] ++ (deviceDependency i.name);
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true; serviceConfig.RemainAfterExit = true;
# Restart rather than stop+start this unit to prevent the
# network from dying during switch-to-configuration.
stopIfChanged = false;
path = [ pkgs.iproute ]; path = [ pkgs.iproute ];
script = script =
'' ''
# FIXME: shouldn't this be done in network-link?
echo "bringing up interface..." echo "bringing up interface..."
ip link set "${i.name}" up ip link set "${i.name}" up
restart_network_interfaces=false state="/run/nixos/network/addresses/${i.name}"
mkdir -p $(dirname "$state")
'' + flip concatMapStrings (ips) (ip: '' + flip concatMapStrings (ips) (ip:
let let
address = "${ip.address}/${toString ip.prefixLength}"; address = "${ip.address}/${toString ip.prefixLength}";
in in
'' ''
echo "checking ip ${address}..." echo "${address}" >> $state
if out=$(ip addr add "${address}" dev "${i.name}" 2>&1); then if out=$(ip addr add "${address}" dev "${i.name}" 2>&1); then
echo "added ip ${address}..." echo "added ip ${address}"
elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then
echo "failed to add ${address}" echo "failed to add ${address}"
exit 1 exit 1
fi fi
''); '');
preStop = flip concatMapStrings (ips) (ip: preStop = ''
let state="/run/nixos/network/addresses/${i.name}"
address = "${ip.address}/${toString ip.prefixLength}"; while read address; do
in echo -n "deleting $address..."
'' ip addr del "$address" dev "${i.name}" >/dev/null 2>&1 || echo -n " Failed"
echo -n "deleting ${address}..." echo ""
ip addr del "${address}" dev "${i.name}" >/dev/null 2>&1 || echo -n " Failed" done < "$state"
echo "" rm -f "$state"
''); '';
}; };
createTunDevice = i: nameValuePair "${i.name}-netdev" createTunDevice = i: nameValuePair "${i.name}-netdev"
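Review bot: The new preStop reads `done < "$state"` without checking that the file exists, so a unit that was started by the previous generation's script (which never wrote /run/nixos/network/addresses/<interface>) reaches the loop with no state file. In that case the redirect fails, no address is deleted and, if these scripts run under `set -e` (not visible in this hunk), preStop exits non-zero before `rm -f "$state"`. Wrapping the loop in `if [ -e "$state" ]; then … fi` would make the stop path explicit about that case, and a comment there should say that addresses configured before the state file existed are left in place. Separately, the start script appends with `echo "${address}" >> $state` before `ip addr add` has succeeded and never de-duplicates, so a start that ends in `exit 1` leaves entries that a later start appends to again. I would also quote the two unquoted uses, `mkdir -p "$(dirname "$state")"` and `>> "$state"`, and use `while read -r address`.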