diff options
| author | Emery Hemingway <emery@vfemail.net> | 2014-10-26 15:15:48 -0400 |
|---|---|---|
| committer | Aristid Breitkreuz <aristidb@gmail.com> | 2014-11-08 23:39:02 +0100 |
| commit | 67a2a58314274ec5865d49198700eefd2c1a22a9 (patch) | |
| tree | b0a17f20908bef5ec22877fd1cffe7224f4155ea /nixos/modules/services/networking/cjdns.nix | |
| parent | 9b4ba66ac3d1ac3dba325fcb1db45c8f7a57e103 (diff) | |
cjdns: service tweaks, new NixOS test
Diffstat (limited to 'nixos/modules/services/networking/cjdns.nix')
| -rw-r--r-- | nixos/modules/services/networking/cjdns.nix | 48 |
1 files changed, 24 insertions, 24 deletions
diff --git a/nixos/modules/services/networking/cjdns.nix b/nixos/modules/services/networking/cjdns.nix index 9888419309c1..be0acb27324a 100644 --- a/nixos/modules/services/networking/cjdns.nix +++ b/nixos/modules/services/networking/cjdns.nix @@ -204,8 +204,29 @@ in systemd.services.cjdns = { description = "encrypted networking for everybody"; - wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + wantedBy = [ "network.target" ]; + after = [ "networkSetup.service" "network-interfaces.target" ]; + + preStart = if cfg.confFile != "" then "" else '' + [ -e /etc/cjdns.keys ] && source /etc/cjdns.keys + + if [ -z "$CJDNS_PRIVATE_KEY" ]; then + shopt -s lastpipe + ${pkg}/bin/makekeys | { read private ipv6 public; } + + umask 0077 + echo "CJDNS_PRIVATE_KEY=$private" >> /etc/cjdns.keys + echo -e "CJDNS_IPV6=$ipv6\nCJDNS_PUBLIC_KEY=$public" > /etc/cjdns.public + + chmod 600 /etc/cjdns.keys + chmod 444 /etc/cjdns.public + fi + + if [ -z "$CJDNS_ADMIN_PASSWORD" ]; then + echo "CJDNS_ADMIN_PASSWORD=$(${pkgs.coreutils}/bin/head -c 96 /dev/urandom | ${pkgs.coreutils}/bin/tr -dc A-Za-z0-9)" \ + >> /etc/cjdns.keys + fi + ''; script = ( if cfg.confFile != "" then "${pkg}/bin/cjdroute < ${cfg.confFile}" else @@ -224,27 +245,6 @@ in }; }; - system.activationScripts.cjdns = if (cfg.confFile == "") then "" else '' - cjdnsWriteKeys() { - private=$1 - ipv6=$2 - public=$3 - - echo "CJDNS_PRIVATE_KEY=$1" >> /etc/cjdns.keys - echo -e "CJDNS_IPV6=$2\nCJDNS_PUBLIC_KEY=$3" > /etc/cjdns.public - - chmod 600 /etc/cjdns.keys - chmod 444 /etc/cjdns.public - } - - grep -q "CJDNS_PRIVATE_KEY=" /etc/cjdns.keys || \ - cjdnsWriteKeys $(${pkg}/bin/makekeys) - - grep -q "CJDNS_ADMIN_PASSWORD=" /etc/cjdns.keys || \ - echo "CJDNS_ADMIN_PASSWORD=$(${pkgs.coreutils}/bin/head -c 96 /dev/urandom | ${pkgs.coreutils}/bin/tr -dc A-Za-z0-9)" \ - >> /etc/cjdns.keys - ''; - networking.extraHosts = "${cjdnsHosts}"; assertions = [ @@ -258,4 +258,4 @@ in }; -}
\ No newline at end of file +} |