diff options
author | Philip Taron <philip.taron@gmail.com> | 2023-11-30 15:02:51 -0800 |
---|---|---|
committer | Philip Taron <philip.taron@gmail.com> | 2023-11-30 15:02:51 -0800 |
commit | d7ab46ed87ca8385e80ddff6138145baeacf033f (patch) | |
tree | 0ba7dc1cbe8182b7454a191ffcfa034315529bff /nixos/modules/security | |
parent | 407ef67228d2a1206e40a6978e5cb8a41ebb290f (diff) |
nixos/duosec: ensure correct ordering w.r.t. shutdown.target
Diffstat (limited to 'nixos/modules/security')
-rw-r--r-- | nixos/modules/security/duosec.nix | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/nixos/modules/security/duosec.nix b/nixos/modules/security/duosec.nix index 2a855a77e3a39..ef76bfeb6d66a 100644 --- a/nixos/modules/security/duosec.nix +++ b/nixos/modules/security/duosec.nix @@ -195,7 +195,8 @@ in systemd.services.login-duo = lib.mkIf cfg.ssh.enable { wantedBy = [ "sysinit.target" ]; - before = [ "sysinit.target" ]; + before = [ "sysinit.target" "shutdown.target" ]; + conflicts = [ "shutdown.target" ]; unitConfig.DefaultDependencies = false; script = '' if test -f "${cfg.secretKeyFile}"; then @@ -216,7 +217,8 @@ in systemd.services.pam-duo = lib.mkIf cfg.ssh.enable { wantedBy = [ "sysinit.target" ]; - before = [ "sysinit.target" ]; + before = [ "sysinit.target" "shutdown.target" ]; + conflicts = [ "shutdown.target" ]; unitConfig.DefaultDependencies = false; script = '' if test -f "${cfg.secretKeyFile}"; then |