Commit 2a15702b authored by Adam Dinwoodie's avatar Adam Dinwoodie
Browse files

nixos/openvpn: don't fail to restart stopped units 

The current OpenVPN restart-after-sleep script will return a non-zero
exit code if the system resumes from sleep and there are no active
OpenVPN units, resulting in systemd reporting the system as degraded.
Avoid that by only attempting to restart OpenVPN programs that are
actually running at the time.  This also means that any user-managed
OpenVPN sessions won't be affected by NixOS's OpenVPN handling.
parent bc63f402

nixos/modules/services/networking/openvpn.nix

+3 −2
Original line number Diff line number Diff line
@@ -73,8 +73,9 @@ let 
    openvpn-restart = {

      wantedBy = [ "sleep.target" ];

      path = [ pkgs.procps ];

      script = "pkill --signal SIGHUP --exact openvpn";

      #SIGHUP makes openvpn process to self-exit and then it got restarted by systemd because of Restart=always

      script = let

        unitNames = map (n: "openvpn-${n}.service") (builtins.attrNames cfg.servers);

      in "systemctl try-restart ${lib.escapeShellArgs unitNames}";

      description = "Sends a signal to OpenVPN process to trigger a restart after return from sleep";

    };

  };