nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-01 23:22:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

openvpn: Add systemd startup notification

Browse Source 
This causes OpenVPN services to reach the "active" state when the VPN
connection is up (i.e., after OpenVPN prints "Initialization Sequence
Completed"). This allows units to be ordered correctly after openvpn-*
units, and makes systemctl present a password prompt:

  $ start openvpn-foo
  Enter Private Key Password: *************

(I first tried to implement this by calling "systemd-notify --ready"
from the "up" script, but systemd-notify is not reliable.)
This commit is contained in:
Eelco Dolstra 2014-04-22 13:08:00 +02:00
parent 33b4ab3ac1
commit 27a8cada79
3 changed files with 31 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
nixos/modules/services/networking/openvpn.nix
View File

@ -56,6 +56,7 @@ let
serviceConfig.ExecStart = "@${openvpn}/sbin/openvpn openvpn --config ${configFile}";
serviceConfig.Restart = "always";
serviceConfig.Type = "notify";
};
in

10
pkgs/tools/networking/openvpn/default.nix
View File

@ -1,4 +1,6 @@
{ stdenv, fetchurl, iproute, lzo, openssl, pam }:
{ stdenv, fetchurl, iproute, lzo, openssl, pam, systemd }:
with stdenv.lib;
stdenv.mkDerivation rec {
name = "openvpn-2.3.3";
@ -8,7 +10,9 @@ stdenv.mkDerivation rec {
sha256 = "04xiwim56sb1vis93k9hhm1s29jdrlq7i2fa07jncnhh653d29gh";
};
buildInputs = [ iproute lzo openssl pam ];
patches = optional stdenv.isLinux ./systemd-notify.patch;
buildInputs = [ iproute lzo openssl pam ] ++ optional stdenv.isLinux systemd;
configureFlags = ''
--enable-password-save
@ -31,6 +35,8 @@ stdenv.mkDerivation rec {
enableParallelBuilding = true;
NIX_LDFLAGS = optionalString stdenv.isLinux "-lsystemd-daemon"; # hacky
meta = {
description = "A robust and highly flexible tunneling application";
homepage = http://openvpn.net/;

22
pkgs/tools/networking/openvpn/systemd-notify.patch Normal file
View File

@ -0,0 +1,22 @@
diff -ru -x '*~' openvpn-2.3.1-orig/src/openvpn/init.c openvpn-2.3.1/src/openvpn/init.c
--- openvpn-2.3.1-orig/src/openvpn/init.c 2013-03-20 09:28:14.000000000 +0100
+++ openvpn-2.3.1/src/openvpn/init.c 2014-04-22 13:02:21.351026640 +0200
@@ -48,6 +48,8 @@
#include "occ-inline.h"
+#include <systemd/sd-daemon.h>
+
static struct context *static_context; /* GLOBAL */
/*
@@ -1241,6 +1243,9 @@
{
static const char message[] = "Initialization Sequence Completed";
+ /* Tell systemd we're ready. */
+ sd_notify(0, "READY=1");
+
/* If we delayed UID/GID downgrade or chroot, do it now */
do_uid_gid_chroot (c, true);