diff options
author | lassulus <lass@lassul.us> | 2017-03-10 15:35:24 +0100 |
---|---|---|
committer | lassulus <lass@lassul.us> | 2017-03-10 15:35:24 +0100 |
commit | 55c05c18c73873772bb02877114d581c4edbc593 (patch) | |
tree | c81cd8f8dc60347dec441a6dabc300bb908133ff | |
parent | 3b45f3f79199c7c4d18ff4b69424319f21780074 (diff) |
l 2 hfos: restart iptables after libvirtd restart
-rw-r--r-- | lass/2configs/hfos.nix | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/lass/2configs/hfos.nix b/lass/2configs/hfos.nix index a28a6a5d2..f63e5ea53 100644 --- a/lass/2configs/hfos.nix +++ b/lass/2configs/hfos.nix @@ -36,5 +36,12 @@ with import <stockholm/lib>; { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 443"; target = "DNAT --to-destination 192.168.122.208:1443"; } ]; - systemd.services.krebs-iptables.after = [ "libvirtd.service" ]; + # TODO use bridge interfaces instead of this crap + systemd.services.libvirtd.serviceConfig.ExecStartPost = let + restart-iptables = pkgs.writeDash "restart-iptables" '' + #soo hacky + ${pkgs.coreutils}/bin/sleep 1s + ${pkgs.systemd}/bin/systemctl restart krebs-iptables.service + ''; + in restart-iptables; } |