diff options
| author | tv <tv@krebsco.de> | 2021-12-07 21:57:45 +0100 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2021-12-08 00:48:51 +0100 |
| commit | 9d9977ac834cbe12f43a923a94262356bcc93159 (patch) | |
| tree | 43ed87d2c65c42d43b67bb09d31fa03fc08866d4 | |
| parent | 5311a821757c7ddc43da83b3fd1f440e59c8bdf4 (diff) | |
tv net.ipv6.conf.*.use_tempaddr: admit NixOS 21.11
| -rw-r--r-- | tv/2configs/default.nix | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index de298e1..8add07f 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -94,8 +94,17 @@ with import <stockholm/lib>; { boot.kernel.sysctl = { # Enable IPv6 Privacy Extensions - "net.ipv6.conf.all.use_tempaddr" = 2; - "net.ipv6.conf.default.use_tempaddr" = 2; + # + # XXX use mkForce here because since NixOS 21.11 there's a collision in + # net.ipv6.conf.default.use_tempaddr, and boot.kernel.sysctl incapable + # of merging. + # + # XXX net.ipv6.conf.all.use_tempaddr is set because it was mentioned in + # https://tldp.org/HOWTO/Linux+IPv6-HOWTO/ch06s05.html + # TODO check if that is really necessary, otherwise we can rely solely + # on networking.tempAddresses in the future (when nothing is <21.11) + "net.ipv6.conf.all.use_tempaddr" = mkForce 2; + "net.ipv6.conf.default.use_tempaddr" = mkForce 2; }; } |