openvpn service: source up/down scripts

source the up/down scripts instead of executing them to avoid loosing access to special variables like $1
NixOS · Apr 25, 2017 · 50ad243 · 50ad243 · peti · Apr 25, 2017
1 parent b6714f5
commit 50ad243
Showing 1 changed file with 13 additions and 3 deletions.
diff --git a/nixos/modules/services/networking/openvpn.nix b/nixos/modules/services/networking/openvpn.nix
@@ -28,16 +28,26 @@ let
           fi
         done
 
-        ${cfg.up}
         ${optionalString cfg.updateResolvConf
            "${pkgs.update-resolv-conf}/libexec/openvpn/update-resolv-conf"}
+
+        ${optionalString (cfg.up != "") "source ${userSuppliedUpScript}"}
       '';
 
       downScript = ''
         #! /bin/sh
         export PATH=${path}
         ${optionalString cfg.updateResolvConf
            "${pkgs.update-resolv-conf}/libexec/openvpn/update-resolv-conf"}
+
+        ${optionalString (cfg.down != "") "source ${userSuppliedDownScript}"}
+      '';
+
+      userSuppliedUpScript = pkgs.writeScript "openvpn-${name}-userSuppliedUpScript" ''
+        ${cfg.up}
+      '';
+
+      userSuppliedDownScript = pkgs.writeScript "openvpn-${name}-userSuppliedDownScript" ''
         ${cfg.down}
       '';
 
@@ -133,15 +143,15 @@ in
             default = "";
             type = types.lines;
             description = ''
-              Shell commands executed when the instance is starting.
+              Shell script sourced by NixOS generated script when the instance is starting.
             '';
           };
 
           down = mkOption {
             default = "";
             type = types.lines;
             description = ''
-              Shell commands executed when the instance is shutting down.
+              Shell script sourced by NixOS generated script when the instance is shutting down.
             '';
           };