wireguard: restart on failure

As a oneshot service, if the startup failed it would never be attempted again. This is problematic when peer's addresses require DNS. DNS may not be reliably available at the time wireguard starts. Converting this to a simple service with Restart and RestartAfter directives allows the service to be reattempted, but at the cost of losing the oneshot semantics. Signed-off-by: Maximilian Bosch <maximilian@mbosch.me> (cherry picked from commit 1bff53c)
NixOS · May 25, 2019 · ced7cfc · ced7cfc
1 parent c826890
commit ced7cfc
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/nixos/modules/services/networking/wireguard.nix b/nixos/modules/services/networking/wireguard.nix
@@ -197,7 +197,9 @@ let
         path = with pkgs; [ kmod iproute wireguard-tools ];
 
         serviceConfig = {
-          Type = "oneshot";
+          Type = "simple";
+          Restart = "on-failure";
+          RestartSec = "5s";
           RemainAfterExit = true;
         };