diff options
Diffstat (limited to 'nixos/modules/system/boot/initrd-openvpn.nix')
| -rw-r--r-- | nixos/modules/system/boot/initrd-openvpn.nix | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/nixos/modules/system/boot/initrd-openvpn.nix b/nixos/modules/system/boot/initrd-openvpn.nix index cbc61d55d6bb3..2530240628e42 100644 --- a/nixos/modules/system/boot/initrd-openvpn.nix +++ b/nixos/modules/system/boot/initrd-openvpn.nix @@ -51,7 +51,7 @@ in # Add openvpn and ip binaries to the initrd # The shared libraries are required for DNS resolution - boot.initrd.extraUtilsCommands = '' + boot.initrd.extraUtilsCommands = mkIf (!config.boot.initrd.systemd.enable) '' copy_bin_and_libs ${pkgs.openvpn}/bin/openvpn copy_bin_and_libs ${pkgs.iproute2}/bin/ip @@ -59,18 +59,33 @@ in cp -pv ${pkgs.glibc}/lib/libnss_dns.so.2 $out/lib ''; + boot.initrd.systemd.storePaths = [ + "${pkgs.openvpn}/bin/openvpn" + "${pkgs.iproute2}/bin/ip" + "${pkgs.glibc}/lib/libresolv.so.2" + "${pkgs.glibc}/lib/libnss_dns.so.2" + ]; + boot.initrd.secrets = { "/etc/initrd.ovpn" = cfg.configuration; }; # openvpn --version would exit with 1 instead of 0 - boot.initrd.extraUtilsCommandsTest = '' + boot.initrd.extraUtilsCommandsTest = mkIf (!config.boot.initrd.systemd.enable) '' $out/bin/openvpn --show-gateway ''; - boot.initrd.network.postCommands = '' + boot.initrd.network.postCommands = mkIf (!config.boot.initrd.systemd.enable) '' openvpn /etc/initrd.ovpn & ''; + + boot.initrd.systemd.services.openvpn = { + wantedBy = [ "initrd.target" ]; + path = [ pkgs.iproute2 ]; + after = [ "network.target" "initrd-nixos-copy-secrets.service" ]; + serviceConfig.ExecStart = "${pkgs.openvpn}/bin/openvpn /etc/initrd.ovpn"; + serviceConfig.Type = "notify"; + }; }; } |