From 1bff53cb8408f583f4f9a02e487dbe2fa4110271 Mon Sep 17 00:00:00 2001
From: sjau <github.com@sjau.ch>
Date: Thu, 23 May 2019 22:09:01 +0200
Subject: [PATCH] wireguard: restart on failure

As a oneshot service, if the startup failed it would never be attempted again.
This is problematic when peer's addresses require DNS. DNS may not be reliably available at
the time wireguard starts. Converting this to a simple service with Restart
and RestartAfter directives allows the service to be reattempted, but at
the cost of losing the oneshot semantics.

Signed-off-by: Maximilian Bosch <maximilian@mbosch.me>
---
 nixos/modules/services/networking/wireguard.nix | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/nixos/modules/services/networking/wireguard.nix b/nixos/modules/services/networking/wireguard.nix
index dd3cb1af2716..b2f9f1d413cb 100644
--- a/nixos/modules/services/networking/wireguard.nix
+++ b/nixos/modules/services/networking/wireguard.nix
@@ -245,7 +245,9 @@ let
         path = with pkgs; [ kmod iproute wireguard-tools ];
 
         serviceConfig = {
-          Type = "oneshot";
+          Type = "simple";
+          Restart = "on-failure";
+          RestartSec = "5s";
           RemainAfterExit = true;
         };