Loading nixos/modules/services/networking/netbird.nix +21 −11 Original line number Diff line number Diff line Loading @@ -414,9 +414,6 @@ in NB_LOG_LEVEL = client.logLevel; NB_SERVICE = client.service.name; NB_WIREGUARD_PORT = toString client.port; # for gathering journald logs into debug bundles # see https://github.com/netbirdio/netbird/blob/2c87fa623654c5eef76bc0226062290201eef13a/client/internal/debug/debug_linux.go#L50-L51 SYSTEMD_UNIT = client.service.name; } // optionalAttrs (client.dns-resolver.address != null) { NB_DNS_RESOLVER_ADDRESS = "${client.dns-resolver.address}:${builtins.toString client.dns-resolver.port}"; Loading Loading @@ -545,14 +542,7 @@ in after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; path = optionals (!config.services.resolved.enable) [ pkgs.openresolv ] # useful for `netbird debug` system info gathering ++ optionals config.networking.nftables.enable [ pkgs.nftables ] ++ optionals (!config.networking.nftables.enable) [ pkgs.iptables pkgs.ipset ]; path = optionals (!config.services.resolved.enable) [ pkgs.openresolv ]; serviceConfig = { ExecStart = "${getExe client.wrapper} service run"; Loading @@ -576,6 +566,26 @@ in } ); } # netbird debug bundle related configurations { systemd.services = toClientAttrs ( client: nameValuePair client.service.name { /* lets NetBird daemon know which systemd service to gather logs for see https://github.com/netbirdio/netbird/blob/2c87fa623654c5eef76bc0226062290201eef13a/client/internal/debug/debug_linux.go#L50-L51 */ environment.SYSTEMD_UNIT = client.service.name; path = optionals config.networking.nftables.enable [ pkgs.nftables ] ++ optionals (!config.networking.nftables.enable) [ pkgs.iptables pkgs.ipset ]; } ); } # Hardening section (mkIf (hardenedClients != { }) { users.groups = toHardenedClientAttrs (client: nameValuePair client.user.group { }); Loading Loading
nixos/modules/services/networking/netbird.nix +21 −11 Original line number Diff line number Diff line Loading @@ -414,9 +414,6 @@ in NB_LOG_LEVEL = client.logLevel; NB_SERVICE = client.service.name; NB_WIREGUARD_PORT = toString client.port; # for gathering journald logs into debug bundles # see https://github.com/netbirdio/netbird/blob/2c87fa623654c5eef76bc0226062290201eef13a/client/internal/debug/debug_linux.go#L50-L51 SYSTEMD_UNIT = client.service.name; } // optionalAttrs (client.dns-resolver.address != null) { NB_DNS_RESOLVER_ADDRESS = "${client.dns-resolver.address}:${builtins.toString client.dns-resolver.port}"; Loading Loading @@ -545,14 +542,7 @@ in after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; path = optionals (!config.services.resolved.enable) [ pkgs.openresolv ] # useful for `netbird debug` system info gathering ++ optionals config.networking.nftables.enable [ pkgs.nftables ] ++ optionals (!config.networking.nftables.enable) [ pkgs.iptables pkgs.ipset ]; path = optionals (!config.services.resolved.enable) [ pkgs.openresolv ]; serviceConfig = { ExecStart = "${getExe client.wrapper} service run"; Loading @@ -576,6 +566,26 @@ in } ); } # netbird debug bundle related configurations { systemd.services = toClientAttrs ( client: nameValuePair client.service.name { /* lets NetBird daemon know which systemd service to gather logs for see https://github.com/netbirdio/netbird/blob/2c87fa623654c5eef76bc0226062290201eef13a/client/internal/debug/debug_linux.go#L50-L51 */ environment.SYSTEMD_UNIT = client.service.name; path = optionals config.networking.nftables.enable [ pkgs.nftables ] ++ optionals (!config.networking.nftables.enable) [ pkgs.iptables pkgs.ipset ]; } ); } # Hardening section (mkIf (hardenedClients != { }) { users.groups = toHardenedClientAttrs (client: nameValuePair client.user.group { }); Loading
