summaryrefslogtreecommitdiffstats
path: root/tv/2configs
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2021-12-07 21:57:45 +0100
committertv <tv@krebsco.de>2021-12-08 00:48:51 +0100
commit9d9977ac834cbe12f43a923a94262356bcc93159 (patch)
tree43ed87d2c65c42d43b67bb09d31fa03fc08866d4 /tv/2configs
parent5311a821757c7ddc43da83b3fd1f440e59c8bdf4 (diff)
tv net.ipv6.conf.*.use_tempaddr: admit NixOS 21.11
Diffstat (limited to 'tv/2configs')
-rw-r--r--tv/2configs/default.nix13
1 files changed, 11 insertions, 2 deletions
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index de298e1..8add07f 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -94,8 +94,17 @@ with import <stockholm/lib>;
{
boot.kernel.sysctl = {
# Enable IPv6 Privacy Extensions
- "net.ipv6.conf.all.use_tempaddr" = 2;
- "net.ipv6.conf.default.use_tempaddr" = 2;
+ #
+ # XXX use mkForce here because since NixOS 21.11 there's a collision in
+ # net.ipv6.conf.default.use_tempaddr, and boot.kernel.sysctl incapable
+ # of merging.
+ #
+ # XXX net.ipv6.conf.all.use_tempaddr is set because it was mentioned in
+ # https://tldp.org/HOWTO/Linux+IPv6-HOWTO/ch06s05.html
+ # TODO check if that is really necessary, otherwise we can rely solely
+ # on networking.tempAddresses in the future (when nothing is <21.11)
+ "net.ipv6.conf.all.use_tempaddr" = mkForce 2;
+ "net.ipv6.conf.default.use_tempaddr" = mkForce 2;
};
}