summaryrefslogtreecommitdiffstats
path: root/krebs/3modules/tinc.nix
diff options
context:
space:
mode:
Diffstat (limited to 'krebs/3modules/tinc.nix')
-rw-r--r--krebs/3modules/tinc.nix70
1 files changed, 34 insertions, 36 deletions
diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix
index a0fc39e6f..2daef8e15 100644
--- a/krebs/3modules/tinc.nix
+++ b/krebs/3modules/tinc.nix
@@ -237,41 +237,39 @@ let
}
) config.krebs.tinc;
- krebs.systemd.services = mapAttrs (netname: cfg:
- let
- tinc = cfg.tincPackage;
- iproute = cfg.iproutePackage;
- in {
- description = "Tinc daemon for ${netname}";
- after = [ "network.target" ];
- wantedBy = [ "multi-user.target" ];
- path = [ tinc iproute ];
- reloadIfChanged = true;
- restartTriggers = [ cfg.confDir ];
- serviceConfig = {
- LoadCredential = filter (x: x != "") [
- (optionalString (cfg.privkey_ed25519 != null)
- "ed25519_key:${cfg.privkey_ed25519}"
- )
- "rsa_key:${cfg.privkey}"
- ];
- Restart = "always";
- ExecStart = toString [
- "${tinc}/sbin/tincd"
- "-D"
- "-U ${cfg.user.name}"
- "-c /etc/tinc/${netname}"
- "-d 0"
- (optionalString (cfg.privkey_ed25519 != null)
- "-o Ed25519PrivateKeyFile=\${CREDENTIALS_DIRECTORY}/ed25519_key"
- )
- "-o PrivateKeyFile=\${CREDENTIALS_DIRECTORY}/rsa_key"
- "--pidfile=/var/run/tinc.${netname}.pid"
- ];
- ExecReload = "${tinc}/sbin/tinc -n ${netname} reload";
- SyslogIdentifier = netname;
- };
- }
- ) config.krebs.tinc;
+ krebs.systemd.services = mapAttrs (netname: cfg: {
+ description = "Tinc daemon for ${netname}";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+ path = [
+ cfg.iproutePackage
+ cfg.tincPackage
+ ];
+ reloadIfChanged = true;
+ restartTriggers = [ cfg.confDir ];
+ serviceConfig = {
+ LoadCredential = filter (x: x != "") [
+ (optionalString (cfg.privkey_ed25519 != null)
+ "ed25519_key:${cfg.privkey_ed25519}"
+ )
+ "rsa_key:${cfg.privkey}"
+ ];
+ Restart = "always";
+ ExecStart = toString [
+ "${cfg.tincPackage}/sbin/tincd"
+ "-D"
+ "-U ${cfg.user.name}"
+ "-c /etc/tinc/${netname}"
+ "-d 0"
+ (optionalString (cfg.privkey_ed25519 != null)
+ "-o Ed25519PrivateKeyFile=\${CREDENTIALS_DIRECTORY}/ed25519_key"
+ )
+ "-o PrivateKeyFile=\${CREDENTIALS_DIRECTORY}/rsa_key"
+ "--pidfile=/var/run/tinc.${netname}.pid"
+ ];
+ ExecReload = "${cfg.tincPackage}/sbin/tinc -n ${netname} reload";
+ SyslogIdentifier = netname;
+ };
+ }) config.krebs.tinc;
};
in out