New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
xl2tpd: add up/down scripts for xl2tpd #17037
Conversation
@igsha, thanks for your PR! By analyzing the annotation information on this pull request, we identified @obadz, @edolstra and @demin-dmitriy to be potential reviewers |
#!/bin/sh | ||
export PATH=${path} | ||
${cfg.up} | ||
EOF |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks like a dangerous way to generate the ip-up/down scripts. What if cfg.up
contains the string EOF
? Seems better to use pkgs.writeScript
.
Agree with @edolstra re |
In fact, maybe you can use |
description = "Contents of down script."; | ||
default = ""; | ||
example = literalExample '' | ||
''${pkgs.openresolv}/sbin/resolvconf -d ppp0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To demonstrate that nixos isn't magic, it might be good to have route add
's down
counterpart.
@igsha, I'm a bit confused about the fact that you're putting commands that are typically client side on the server-side config? Could you elaborate on what you're trying to do? |
@obadz, yes, you are right. I'm trying to add client side functionality to the module. May be I should separate server and client configs like it was done for |
@igsha, have you thought about using the networkmanager plugin? |
@obadz, no, I've never used networkmanager before. I've tried networkmanager. It works for me now. But l2tp plugin cannot be configured from terminal that may be inconvenient in some situations. Anyway I'm please with your advice. |
@igsha, could you explain what your addition to Also why did you need to add the |
@obadz, without [root@isharonov-pc:~]# systemctl status xl2tpd.service
● xl2tpd.service - xl2tpd server
Loaded: loaded (/nix/store/ns226jhkhcxi7bcgvks2i9xjzvwm8bzn-unit-xl2tpd.service/xl2tpd.service; bad; vendor preset: enabled)
Active: active (running) since Wed 2016-07-27 16:25:08 MSK; 5s ago
Process: 27607 ExecStartPre=/nix/store/q5kgx455njs3sb7x2ipiw9cb98s69g20-unit-script/bin/xl2tpd-pre-start (code=exited, status=0/SUCCESS)
Main PID: 27620 (xl2tpd)
CGroup: /system.slice/xl2tpd.service
├─27620 /nix/store/cv95khbphscrcnrdcdx8fxmrn3s1rhmh-xl2tpd-1.3.7/bin/xl2tpd -D -c /nix/store/4hs001z1k3w8nbkf2qhx2w5yjk42vl30-xl2tpd.conf -s /etc/xl2tpd/l2tp-secrets -p /run/xl2tpd/pid -C /run/xl2tpd/control
└─27622 /nix/store/fygj25ghyzcs9kibgwj6xq0qm4kqza1h-ppp-2.4.7/sbin/pppd /dev/pts/1 passive nodetach : debug file /nix/store/7d5w161ih5sm2mqv50fxi4j5hv9grfiy-mega-mega-pppd.conf
Jul 27 16:25:08 isharonov-pc pppd[27622]: rcvd [CCP ConfNak id=0x2 <mppe +H -M -S +L -D -C>]
Jul 27 16:25:08 isharonov-pc pppd[27622]: sent [CCP ConfReq id=0x3]
Jul 27 16:25:08 isharonov-pc pppd[27622]: rcvd [IPCP ConfAck id=0x3 <addr 192.168.242.14> <ms-dns1 192.168.1.30> <ms-dns2 80.90.126.250>]
Jul 27 16:25:08 isharonov-pc pppd[27622]: local IP address 192.168.242.14
Jul 27 16:25:08 isharonov-pc pppd[27622]: remote IP address 192.168.242.1
Jul 27 16:25:08 isharonov-pc pppd[27622]: primary DNS address 192.168.1.30
Jul 27 16:25:08 isharonov-pc pppd[27622]: secondary DNS address 80.90.126.250
Jul 27 16:25:08 isharonov-pc pppd[27622]: rcvd [CCP ConfNak id=0x3 <mppe +H -M -S -L -D -C>]
Jul 27 16:25:08 isharonov-pc pppd[27622]: sent [CCP ConfReq id=0x4]
Jul 27 16:25:08 isharonov-pc pppd[27622]: rcvd [CCP ConfAck id=0x4]
[root@isharonov-pc:~]# systemctl stop xl2tpd.service
[root@isharonov-pc:~]# systemctl status xl2tpd.service
● xl2tpd.service - xl2tpd server
Loaded: loaded (/nix/store/ns226jhkhcxi7bcgvks2i9xjzvwm8bzn-unit-xl2tpd.service/xl2tpd.service; bad; vendor preset: enabled)
Active: failed (Result: exit-code) since Wed 2016-07-27 16:25:26 MSK; 1s ago
Process: 27620 ExecStart=/nix/store/hznym1lfyah7dc9finn76hc8c49xh99d-xl2tpd-ppp-wrapped/bin/xl2tpd -D -c /nix/store/4hs001z1k3w8nbkf2qhx2w5yjk42vl30-xl2tpd.conf -s /etc/xl2tpd/l2tp-secrets -p /run/xl2tpd/pid -C /run/xl2tpd/control (cod
Process: 27607 ExecStartPre=/nix/store/q5kgx455njs3sb7x2ipiw9cb98s69g20-unit-script/bin/xl2tpd-pre-start (code=exited, status=0/SUCCESS)
Main PID: 27620 (code=exited, status=1/FAILURE)
CGroup: /system.slice/xl2tpd.service
└─27622 /nix/store/fygj25ghyzcs9kibgwj6xq0qm4kqza1h-ppp-2.4.7/sbin/pppd /dev/pts/1 passive nodetach : debug file /nix/store/7d5w161ih5sm2mqv50fxi4j5hv9grfiy-mega-mega-pppd.conf
Jul 27 16:25:26 isharonov-pc pppd[27622]: Failed to open /dev/pts/1: No such file or directory
Jul 27 16:25:26 isharonov-pc pppd[27622]: Failed to open /dev/pts/1: No such file or directory
Jul 27 16:25:26 isharonov-pc pppd[27622]: Failed to open /dev/pts/1: No such file or directory
Jul 27 16:25:26 isharonov-pc pppd[27622]: Failed to open /dev/pts/1: No such file or directory
Jul 27 16:25:26 isharonov-pc pppd[27622]: Failed to open /dev/pts/1: No such file or directory
Jul 27 16:25:26 isharonov-pc pppd[27622]: Failed to open /dev/pts/1: No such file or directory
Jul 27 16:25:26 isharonov-pc pppd[27622]: Failed to open /dev/pts/1: No such file or directory
Jul 27 16:25:26 isharonov-pc pppd[27622]: Failed to open /dev/pts/1: No such file or directory
Jul 27 16:25:26 isharonov-pc pppd[27622]: Failed to open /dev/pts/1: No such file or directory
Jul 27 16:25:26 isharonov-pc pppd[27622]: Failed to open /dev/pts/1: No such file or directory |
Are there any updates on this pull request, please? |
Thank you for your contributions.
|
Just close it very outdated PR because I don't have xl2tpd server any more and can't test. |
Motivation for this change
xl2tpd: The lack of up/down scripts to update, e.g.,
resolv.conf
, and autoStart option like it was done foropenvpn
module.libredirect:
pppd
usesexecve
and redirectingexecv
is not enough.Things done
(nix.useChroot on NixOS,
or option
build-use-chroot
innix.conf
on non-NixOS)
nix-shell -p nox --run "nox-review wip"
./result/bin/
)