From 1917e69b546bc357652a3fd888c064e2a1c9fed8 Mon Sep 17 00:00:00 2001 From: Peter Hoeg Date: Wed, 11 Oct 2017 23:13:37 +0800 Subject: [PATCH] dnsmasq nixos: make sure it always runs By default we only restart if the dnsmasq daemon fails but we introduce an option to always keep it running. --- nixos/modules/services/networking/dnsmasq.nix | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/networking/dnsmasq.nix b/nixos/modules/services/networking/dnsmasq.nix index fcf5aa5f175b..91a3e54474ac 100644 --- a/nixos/modules/services/networking/dnsmasq.nix +++ b/nixos/modules/services/networking/dnsmasq.nix @@ -55,6 +55,14 @@ in ''; }; + alwaysKeepRunning = mkOption { + type = types.bool; + default = false; + description = '' + If enabled, systemd will always respawn dnsmasq even if shut down manually. The default, disabled, will only restart it on error. + ''; + }; + extraConfig = mkOption { type = types.lines; default = ""; @@ -101,10 +109,12 @@ in BusName = "uk.org.thekelleys.dnsmasq"; ExecStart = "${dnsmasq}/bin/dnsmasq -k --enable-dbus --user=dnsmasq -C ${dnsmasqConf}"; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + PrivateTmp = true; + ProtectSystem = true; + ProtectHome = true; + Restart = if cfg.alwaysKeepRunning then "always" else "on-failure"; }; restartTriggers = [ config.environment.etc.hosts.source ]; }; - }; - }