Unverified Commit dadca5c5 authored by Artturi's avatar Artturi Committed by GitHub

Merge pull request #140890 from seb314/wireguard/dyndns-restart-on-failure

wireguard: non-invasive fix for permanent disconnects on unstable network (e.g. laptops) from dyndns endpoints
parents ffbb0204 82c5c3c9
+24 −0
@@ -251,6 +251,21 @@ let
        '';
      };

      dynamicEndpointRefreshRestartSeconds = mkOption {
        default = null;
        example = 5;
        type = with types; nullOr ints.unsigned;
        description = lib.mdDoc ''
          When the dynamic endpoint refresh that is configured via
          dynamicEndpointRefreshSeconds exits (likely due to a failure),
          restart that service after this many seconds.

          If set to `null` the value of
          {option}`networking.wireguard.dynamicEndpointRefreshSeconds`
          will be used as the default.
        '';
      };

      persistentKeepalive = mkOption {
        default = null;
        type = with types; nullOr int;
@@ -348,6 +363,15 @@ let
                # cannot be used with systemd timers (see `man systemd.timer`),
                # which is why `simple` with a loop is the best choice here.
                # It also makes starting and stopping easiest.
                #
                # Restart if the service exits (e.g. when wireguard gives up after "Name or service not known" dns failures):
                Restart = "always";
                RestartSec = if null != peer.dynamicEndpointRefreshRestartSeconds
                             then peer.dynamicEndpointRefreshRestartSeconds
                             else peer.dynamicEndpointRefreshSeconds;
              };
        unitConfig = lib.optionalAttrs dynamicRefreshEnabled {
          StartLimitIntervalSec = 0;
        };

        script = let
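Review bot: The new option's type `nullOr ints.unsigned` admits 0, and the second hunk combines `Restart = "always"` with `StartLimitIntervalSec = 0`, so a restart delay of 0 would respawn the refresh unit immediately and without any start-rate limit for as long as name resolution keeps failing, leaving the host in a busy loop of DNS queries and journal entries. I would narrow it to `type = with types; nullOr ints.positive;`, or state a minimum in the description. The fallback branch has the same exposure only if `peer.dynamicEndpointRefreshSeconds` can itself be 0 while `dynamicRefreshEnabled` is true, which is not visible in these hunks. The description's `{option}` reference names `networking.wireguard.dynamicEndpointRefreshSeconds`, while the code reads the value from `peer`, so that reference probably needs the per-peer option path. Both hunks sit inside a `let` block that starts and ends outside the visible lines.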