Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

wireguard service: use scripts instead of ExecStarts/Stops #38333

Merged
merged 1 commit into from Apr 22, 2018
Merged

wireguard service: use scripts instead of ExecStarts/Stops #38333

merged 1 commit into from Apr 22, 2018

Conversation

abbradar
Copy link
Member

@abbradar abbradar commented Apr 2, 2018

Motivation for this change

This is more in line with what other services do; also looks cleaner.
It changes configuration entries for pre-and post-hooks type to lines from
lists of strings which are more logical for them; coersion is provided for
backwards compatibility.

Finally, add several steps to improve robustness:

  1. Load kernel module on start if not loaded;
  2. Don't remove wireguard interface on start; it is removed on service stop. If
    it's not something is wrong.
Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option build-use-sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

@abbradar
wireguard service: use scripts instead of ExecStarts/Stops
79974ae 
This is more in line with what other services do; also looks cleaner.
It changes configuration entries for pre-and post-hooks type to lines from
lists of strings which are more logical for them; coersion is provided for
backwards compatibility.

Finally, add several steps to improve robustness:

1. Load kernel module on start if not loaded;
2. Don't remove wireguard interface on start; it is removed on service stop. If
   it's not something is wrong.
@abbradar
Copy link
Member Author

I'm going to merge this in few days unless there's any new comments.

@thoughtpolice
Copy link
Member

This LGTM; I was using Wireguard recently and wanted to do some of these cleanups myself. I'm going to go ahead and hit the button.

@thoughtpolice thoughtpolice merged commit 7c90a86 into NixOS:master Apr 22, 2018
@thoughtpolice
Copy link
Member

(For reference, I was looking to see if there were other improvements to WG and also found this alongside the default routing issues -- so feel free to CC me in the future if you want a quick review since I'll probably keep using it...)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thoughtpolice thoughtpolice thoughtpolice approved these changes

Assignees
No one assigned
Labels
6.topic: nixos 8.has: module (update) 10.rebuild-darwin: 0 10.rebuild-linux: 0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@abbradar @thoughtpolice @GrahamcOfBorg