nixos/yggdrasil: replace activationScript

Replace with separate service because it cannot be moved into the
preStart of the yggdrasil service.
This commit is contained in:
nikstur 2023-10-29 00:50:27 +02:00
parent 9b29bc0010
commit af87c19427

View File

@ -137,16 +137,24 @@ in
message = "networking.enableIPv6 must be true for yggdrasil to work";
}];
system.activationScripts.yggdrasil = mkIf cfg.persistentKeys ''
if [ ! -e ${keysPath} ]
then
mkdir --mode=700 -p ${builtins.dirOf keysPath}
${binYggdrasil} -genconf -json \
| ${pkgs.jq}/bin/jq \
'to_entries|map(select(.key|endswith("Key")))|from_entries' \
> ${keysPath}
fi
'';
# This needs to be a separate service. The yggdrasil service fails if
# this is put into its preStart.
systemd.services.yggdrasil-persistent-keys = lib.mkIf cfg.persistentKeys {
wantedBy = [ "multi-user.target" ];
before = [ "yggdrasil.service" ];
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
script = ''
if [ ! -e ${keysPath} ]
then
mkdir --mode=700 -p ${builtins.dirOf keysPath}
${binYggdrasil} -genconf -json \
| ${pkgs.jq}/bin/jq \
'to_entries|map(select(.key|endswith("Key")))|from_entries' \
> ${keysPath}
fi
'';
};
systemd.services.yggdrasil = {
description = "Yggdrasil Network Service";