nixos/wireguard: Remove .path systemd unit for privkey. Fixes #123203

As per `man systemd.path`: > When a service unit triggered by a path unit terminates > (regardless whether it exited successfully or failed), > monitored paths are checked immediately again, > **and the service accordingly restarted instantly**. Thus the existence of the path unit made it impossible to stop the wireguard service using e.g. systemctl stop wireguard-wg0.service Systemd path units are not intended for program inputs such as private key files. This commit simply removes this usage; the private key is still generated by the `generateKeyServiceUnit`. (cherry picked from commit d344dccf3dc592242f11ef993acb9ecee8d84796)
2021-05-16 17:47:01 +02:00 · 2021-05-16 17:47:01 +02:00 · b73e47d3d7
parent d5d7312426
commit b73e47d3d7
1 changed files with 0 additions and 14 deletions
--- a/nixos/modules/services/networking/wireguard.nix
+++ b/nixos/modules/services/networking/wireguard.nix
@ -219,17 +219,6 @@ let

  };

-  generatePathUnit = name: values:
-    assert (values.privateKey == null);
-    assert (values.privateKeyFile != null);
-    nameValuePair "wireguard-${name}"
-      {
-        description = "WireGuard Tunnel - ${name} - Private Key";
-        requiredBy = [ "wireguard-${name}.service" ];
-        before = [ "wireguard-${name}.service" ];
-        pathConfig.PathExists = values.privateKeyFile;
-      };
-
  generateKeyServiceUnit = name: values:
    assert values.generatePrivateKeyFile;
    nameValuePair "wireguard-${name}-key"
@ -448,9 +437,6 @@ in
      // (mapAttrs' generateKeyServiceUnit
      (filterAttrs (name: value: value.generatePrivateKeyFile) cfg.interfaces));

-    systemd.paths = mapAttrs' generatePathUnit
-      (filterAttrs (name: value: value.privateKeyFile != null) cfg.interfaces);
-
  });

 }