diff --git a/nixos/modules/services/cluster/kubernetes.nix b/nixos/modules/services/cluster/kubernetes.nix index 42efde36678f2..4bdd7f95f7745 100644 --- a/nixos/modules/services/cluster/kubernetes.nix +++ b/nixos/modules/services/cluster/kubernetes.nix @@ -421,7 +421,7 @@ in { description = "Kubernetes Api Server"; wantedBy = [ "multi-user.target" ]; requires = ["kubernetes-setup.service"]; - after = [ "network-interfaces.target" "etcd.service" ]; + after = [ "network.target" "etcd.service" "kubernetes-setup.service" ]; serviceConfig = { ExecStart = let authorizationPolicyFile = @@ -468,7 +468,7 @@ in { systemd.services.kube-scheduler = { description = "Kubernetes Scheduler Service"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" "kubernetes-apiserver.service" ]; + after = [ "network.target" "kubernetes-apiserver.service" ]; serviceConfig = { ExecStart = ''${cfg.package}/bin/kube-scheduler \ --address=${cfg.scheduler.address} \ @@ -487,7 +487,7 @@ in { systemd.services.kube-controller-manager = { description = "Kubernetes Controller Manager Service"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" "kubernetes-apiserver.service" ]; + after = [ "network.target" "kubernetes-apiserver.service" ]; serviceConfig = { ExecStart = ''${cfg.package}/bin/kube-controller-manager \ --address=${cfg.controllerManager.address} \ @@ -511,7 +511,7 @@ in { description = "Kubernetes Kubelet Service"; wantedBy = [ "multi-user.target" ]; requires = ["kubernetes-setup.service"]; - after = [ "network-interfaces.target" "etcd.service" "docker.service" ]; + after = [ "network.target" "etcd.service" "docker.service" "kubernetes-setup.service" ]; path = [ pkgs.gitMinimal pkgs.openssh ]; script = '' export PATH="/bin:/sbin:/usr/bin:/usr/sbin:$PATH" @@ -542,7 +542,7 @@ in { systemd.services.kube-proxy = { description = "Kubernetes Proxy Service"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" "etcd.service" ]; + after = [ "network.target" "etcd.service" ]; serviceConfig = { ExecStart = ''${cfg.package}/bin/kube-proxy \ --master=${cfg.proxy.master} \ diff --git a/nixos/modules/services/databases/cassandra.nix b/nixos/modules/services/databases/cassandra.nix index c98af617587d0..b43b448ed7e1e 100644 --- a/nixos/modules/services/databases/cassandra.nix +++ b/nixos/modules/services/databases/cassandra.nix @@ -377,7 +377,7 @@ in { systemd.services.cassandra = { description = "Cassandra Daemon"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; environment = cassandraEnvironment; restartTriggers = [ cassandraConfFile cassandraLogFile cassandraRackFile ]; serviceConfig = { diff --git a/nixos/modules/services/databases/influxdb.nix b/nixos/modules/services/databases/influxdb.nix index e2268bd556ef5..ed477524d4cbc 100644 --- a/nixos/modules/services/databases/influxdb.nix +++ b/nixos/modules/services/databases/influxdb.nix @@ -160,7 +160,7 @@ in systemd.services.influxdb = { description = "InfluxDB Server"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; serviceConfig = { ExecStart = ''${cfg.package}/bin/influxd -config "${configFile}"''; User = "${cfg.user}"; diff --git a/nixos/modules/services/databases/neo4j.nix b/nixos/modules/services/databases/neo4j.nix index 41b9606859063..146a604adb2f4 100644 --- a/nixos/modules/services/databases/neo4j.nix +++ b/nixos/modules/services/databases/neo4j.nix @@ -123,7 +123,7 @@ in { systemd.services.neo4j = { description = "Neo4j Daemon"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; environment = { NEO4J_INSTANCE = cfg.dataDir; }; serviceConfig = { ExecStart = "${cfg.package}/bin/neo4j console"; diff --git a/nixos/modules/services/misc/apache-kafka.nix b/nixos/modules/services/misc/apache-kafka.nix index 88ce8b5a23fc7..c856d3294c013 100644 --- a/nixos/modules/services/misc/apache-kafka.nix +++ b/nixos/modules/services/misc/apache-kafka.nix @@ -139,7 +139,7 @@ in { systemd.services.apache-kafka = { description = "Apache Kafka Daemon"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; serviceConfig = { ExecStart = '' ${pkgs.jre}/bin/java \ diff --git a/nixos/modules/services/misc/etcd.nix b/nixos/modules/services/misc/etcd.nix index d30cc5fd7e890..1de02d76ba0a9 100644 --- a/nixos/modules/services/misc/etcd.nix +++ b/nixos/modules/services/misc/etcd.nix @@ -143,9 +143,9 @@ in { config = mkIf cfg.enable { systemd.services.etcd = { - description = "Etcd Daemon"; + description = "etcd key-value store"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; environment = (filterAttrs (n: v: v != null) { ETCD_NAME = cfg.name; @@ -168,12 +168,18 @@ in { ETCD_INITIAL_CLUSTER_TOKEN = cfg.initialClusterToken; }) // (mapAttrs' (n: v: nameValuePair "ETCD_${n}" v) cfg.extraConf); + unitConfig = { + Documentation = "https://github.com/coreos/etcd"; + }; + serviceConfig = { Type = "notify"; ExecStart = "${pkgs.etcd.bin}/bin/etcd"; User = "etcd"; PermissionsStartOnly = true; + LimitNOFILE = 40000; }; + preStart = '' mkdir -m 0700 -p ${cfg.dataDir} if [ "$(id -u)" = 0 ]; then chown etcd ${cfg.dataDir}; fi diff --git a/nixos/modules/services/misc/folding-at-home.nix b/nixos/modules/services/misc/folding-at-home.nix index 4f09cbfdd79b4..053e7e95635fd 100644 --- a/nixos/modules/services/misc/folding-at-home.nix +++ b/nixos/modules/services/misc/folding-at-home.nix @@ -50,7 +50,7 @@ in { }; systemd.services.foldingathome = { - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; preStart = '' mkdir -m 0755 -p ${stateDir} diff --git a/nixos/modules/services/misc/mesos-master.nix b/nixos/modules/services/misc/mesos-master.nix index 497646b2b4187..99583ebeebd51 100644 --- a/nixos/modules/services/misc/mesos-master.nix +++ b/nixos/modules/services/misc/mesos-master.nix @@ -80,7 +80,7 @@ in { systemd.services.mesos-master = { description = "Mesos Master"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; serviceConfig = { ExecStart = '' ${pkgs.mesos}/bin/mesos-master \ diff --git a/nixos/modules/services/misc/mesos-slave.nix b/nixos/modules/services/misc/mesos-slave.nix index 8c29734813a13..9ddecb6fe30c7 100644 --- a/nixos/modules/services/misc/mesos-slave.nix +++ b/nixos/modules/services/misc/mesos-slave.nix @@ -105,7 +105,7 @@ in { systemd.services.mesos-slave = { description = "Mesos Slave"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; environment.MESOS_CONTAINERIZERS = concatStringsSep "," containerizers; serviceConfig = { ExecStart = '' diff --git a/nixos/modules/services/misc/svnserve.nix b/nixos/modules/services/misc/svnserve.nix index c74befac749db..04a6cd7bfa9ba 100644 --- a/nixos/modules/services/misc/svnserve.nix +++ b/nixos/modules/services/misc/svnserve.nix @@ -35,7 +35,7 @@ in config = mkIf cfg.enable { systemd.services.svnserve = { - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; preStart = "mkdir -p ${cfg.svnBaseDir}"; script = "${pkgs.subversion.out}/bin/svnserve -r ${cfg.svnBaseDir} -d --foreground --pid-file=/var/run/svnserve.pid"; diff --git a/nixos/modules/services/misc/zookeeper.nix b/nixos/modules/services/misc/zookeeper.nix index 4ce692b6f6a52..b7bca8b56b283 100644 --- a/nixos/modules/services/misc/zookeeper.nix +++ b/nixos/modules/services/misc/zookeeper.nix @@ -113,7 +113,7 @@ in { systemd.services.zookeeper = { description = "Zookeeper Daemon"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; environment = { ZOOCFGDIR = configDir; }; serviceConfig = { ExecStart = '' diff --git a/nixos/modules/services/monitoring/graphite.nix b/nixos/modules/services/monitoring/graphite.nix index 08fc3f04dbfc0..1de3320dc42c0 100644 --- a/nixos/modules/services/monitoring/graphite.nix +++ b/nixos/modules/services/monitoring/graphite.nix @@ -387,7 +387,7 @@ in { systemd.services.carbonCache = let name = "carbon-cache"; in { description = "Graphite Data Storage Backend"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; environment = carbonEnv; serviceConfig = { ExecStart = "${pkgs.pythonPackages.twisted}/bin/twistd ${carbonOpts name}"; @@ -410,7 +410,7 @@ in { enable = cfg.carbon.enableAggregator; description = "Carbon Data Aggregator"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; environment = carbonEnv; serviceConfig = { ExecStart = "${pkgs.pythonPackages.twisted}/bin/twistd ${carbonOpts name}"; @@ -426,7 +426,7 @@ in { systemd.services.carbonRelay = let name = "carbon-relay"; in { description = "Carbon Data Relay"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; environment = carbonEnv; serviceConfig = { ExecStart = "${pkgs.pythonPackages.twisted}/bin/twistd ${carbonOpts name}"; @@ -448,7 +448,7 @@ in { systemd.services.graphiteWeb = { description = "Graphite Web Interface"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; path = [ pkgs.perl ]; environment = { PYTHONPATH = let @@ -501,7 +501,7 @@ in { systemd.services.graphiteApi = { description = "Graphite Api Interface"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; environment = { PYTHONPATH = let aenv = pkgs.python.buildEnv.override { @@ -538,7 +538,7 @@ in { systemd.services.seyren = { description = "Graphite Alerting Dashboard"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" "mongodb.service" ]; + after = [ "network.target" "mongodb.service" ]; environment = seyrenConfig; serviceConfig = { ExecStart = "${pkgs.seyren}/bin/seyren -httpPort ${toString cfg.seyren.port}"; @@ -561,7 +561,7 @@ in { systemd.services.graphitePager = { description = "Graphite Pager Alerting Daemon"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" "redis.service" ]; + after = [ "network.target" "redis.service" ]; environment = { REDIS_URL = cfg.pager.redisUrl; GRAPHITE_URL = cfg.pager.graphiteUrl; diff --git a/nixos/modules/services/monitoring/monit.nix b/nixos/modules/services/monitoring/monit.nix index 704693969a358..e07ffd2e8b548 100644 --- a/nixos/modules/services/monitoring/monit.nix +++ b/nixos/modules/services/monitoring/monit.nix @@ -36,11 +36,16 @@ in ]; systemd.services.monit = { - description = "Monit system watcher"; - after = [ "network-interfaces.target" ]; + description = "Pro-active monitoring utility for unix systems"; + after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; - script = "${pkgs.monit}/bin/monit -I -c /etc/monit.conf"; - serviceConfig.Restart = "always"; + serviceConfig = { + ExecStart = "${pkgs.monit}/bin/monit -I -c /etc/monit.conf"; + ExecStop = "${pkgs.monit}/bin/monit -c /etc/monit.conf quit"; + ExecReload = "${pkgs.monit}/bin/monit -c /etc/monit.conf reload"; + KillMode = "process"; + Restart = "always"; + }; }; }; } diff --git a/nixos/modules/services/monitoring/nagios.nix b/nixos/modules/services/monitoring/nagios.nix index f2f7710de9e7e..4914c5db97d24 100644 --- a/nixos/modules/services/monitoring/nagios.nix +++ b/nixos/modules/services/monitoring/nagios.nix @@ -163,7 +163,7 @@ in description = "Nagios monitoring daemon"; path = [ pkgs.nagios ]; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; serviceConfig = { User = "nagios"; diff --git a/nixos/modules/services/network-filesystems/openafs-client/default.nix b/nixos/modules/services/network-filesystems/openafs-client/default.nix index 891f41c8dcdc3..6f51e287910ae 100644 --- a/nixos/modules/services/network-filesystems/openafs-client/default.nix +++ b/nixos/modules/services/network-filesystems/openafs-client/default.nix @@ -75,7 +75,7 @@ in systemd.services.afsd = { description = "AFS client"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; preStart = '' mkdir -p -m 0755 /afs diff --git a/nixos/modules/services/networking/bind.nix b/nixos/modules/services/networking/bind.nix index 08afafceff24d..41d7128ec31ef 100644 --- a/nixos/modules/services/networking/bind.nix +++ b/nixos/modules/services/networking/bind.nix @@ -145,8 +145,8 @@ in }; systemd.services.bind = { - description = "BIND name server job"; - after = [ "network-interfaces.target" ]; + description = "BIND Domain Name Server"; + after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; preStart = '' @@ -155,6 +155,7 @@ in ''; script = "${pkgs.bind.bin}/sbin/named -u ${bindUser} ${optionalString cfg.ipv4Only "-4"} -c ${cfg.configFile} -f"; + unitConfig.Documentation = "man:named(8)"; }; }; } diff --git a/nixos/modules/services/networking/cjdns.nix b/nixos/modules/services/networking/cjdns.nix index 0495b32c6fa8e..cb00139c5f1cf 100644 --- a/nixos/modules/services/networking/cjdns.nix +++ b/nixos/modules/services/networking/cjdns.nix @@ -208,9 +208,9 @@ in # networking.firewall.allowedUDPPorts = ... systemd.services.cjdns = { - description = "encrypted networking for everybody"; - wantedBy = [ "network.target" ]; - after = [ "networkSetup.service" "network-interfaces.target" ]; + description = "cjdns: routing engine designed for security, scalability, speed and ease of use"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; preStart = if cfg.confFile != "" then "" else '' [ -e /etc/cjdns.keys ] && source /etc/cjdns.keys diff --git a/nixos/modules/services/networking/dhcpcd.nix b/nixos/modules/services/networking/dhcpcd.nix index 4b0e908865105..87c0aa50a1ffe 100644 --- a/nixos/modules/services/networking/dhcpcd.nix +++ b/nixos/modules/services/networking/dhcpcd.nix @@ -158,8 +158,8 @@ in { description = "DHCP Client"; wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; wants = [ "network.target" ]; - before = [ "network.target" ]; # Stopping dhcpcd during a reconfiguration is undesirable # because it brings down the network interfaces configured by diff --git a/nixos/modules/services/networking/gvpe.nix b/nixos/modules/services/networking/gvpe.nix index 27b64b5bb95f2..3ef3548e0a08f 100644 --- a/nixos/modules/services/networking/gvpe.nix +++ b/nixos/modules/services/networking/gvpe.nix @@ -105,7 +105,7 @@ in config = mkIf cfg.enable { systemd.services.gvpe = { description = "GNU Virtual Private Ethernet node"; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; preStart = '' diff --git a/nixos/modules/services/networking/nat.nix b/nixos/modules/services/networking/nat.nix index 9d163e60d5eaf..23f1b2476ebef 100644 --- a/nixos/modules/services/networking/nat.nix +++ b/nixos/modules/services/networking/nat.nix @@ -171,7 +171,7 @@ in systemd.services = mkIf (!config.networking.firewall.enable) { nat = { description = "Network Address Translation"; wantedBy = [ "network.target" ]; - after = [ "network-interfaces.target" "systemd-modules-load.service" ]; + after = [ "network-pre.target" "systemd-modules-load.service" ]; path = [ pkgs.iptables ]; unitConfig.ConditionCapability = "CAP_NET_ADMIN"; diff --git a/nixos/modules/services/networking/oidentd.nix b/nixos/modules/services/networking/oidentd.nix index 651bb8e967cf2..ba7acd879546d 100644 --- a/nixos/modules/services/networking/oidentd.nix +++ b/nixos/modules/services/networking/oidentd.nix @@ -25,7 +25,7 @@ with lib; config = mkIf config.services.oidentd.enable { systemd.services.oidentd = { - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; serviceConfig.Type = "forking"; script = "${pkgs.oidentd}/sbin/oidentd -u oidentd -g nogroup" + diff --git a/nixos/modules/services/networking/openvpn.nix b/nixos/modules/services/networking/openvpn.nix index 82173a841a3f5..af3efa0464a66 100644 --- a/nixos/modules/services/networking/openvpn.nix +++ b/nixos/modules/services/networking/openvpn.nix @@ -56,7 +56,7 @@ let description = "OpenVPN instance ‘${name}’"; wantedBy = optional cfg.autoStart "multi-user.target"; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; path = [ pkgs.iptables pkgs.iproute pkgs.nettools ]; diff --git a/nixos/modules/services/networking/radicale.nix b/nixos/modules/services/networking/radicale.nix index d5e2e3041b498..4f7ed30b2a852 100644 --- a/nixos/modules/services/networking/radicale.nix +++ b/nixos/modules/services/networking/radicale.nix @@ -50,7 +50,7 @@ in systemd.services.radicale = { description = "A Simple Calendar and Contact Server"; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; script = "${pkgs.pythonPackages.radicale}/bin/radicale -C ${confFile} -f"; serviceConfig.User = "radicale"; diff --git a/nixos/modules/services/networking/softether.nix b/nixos/modules/services/networking/softether.nix index 5e49efc3aa3af..16530078b978a 100644 --- a/nixos/modules/services/networking/softether.nix +++ b/nixos/modules/services/networking/softether.nix @@ -63,7 +63,6 @@ in ]; systemd.services."softether-init" = { description = "SoftEther VPN services initial task"; - wantedBy = [ "network-interfaces.target" ]; serviceConfig = { Type = "oneshot"; RemainAfterExit = false; @@ -84,8 +83,9 @@ in (mkIf (cfg.vpnserver.enable) { systemd.services.vpnserver = { description = "SoftEther VPN Server"; - after = [ "softether-init.service" ]; - wantedBy = [ "network-interfaces.target" ]; + after = [ "softether-init.service" "network.target" ]; + wants = [ "softether-init.service" ]; + wantedBy = [ "multi-user.target" ]; serviceConfig = { Type = "forking"; ExecStart = "${pkg}/bin/vpnserver start"; @@ -104,8 +104,9 @@ in (mkIf (cfg.vpnbridge.enable) { systemd.services.vpnbridge = { description = "SoftEther VPN Bridge"; - after = [ "softether-init.service" ]; - wantedBy = [ "network-interfaces.target" ]; + after = [ "softether-init.service" "network.target" ]; + wants = [ "softether-init.service" ]; + wantedBy = [ "multi-user.target" ]; serviceConfig = { Type = "forking"; ExecStart = "${pkg}/bin/vpnbridge start"; @@ -124,8 +125,9 @@ in (mkIf (cfg.vpnclient.enable) { systemd.services.vpnclient = { description = "SoftEther VPN Client"; - after = [ "softether-init.service" ]; - wantedBy = [ "network-interfaces.target" ]; + after = [ "softether-init.service" "network.target" ]; + wants = [ "softether-init.service" ]; + wantedBy = [ "multi-user.target" ]; serviceConfig = { Type = "forking"; ExecStart = "${pkg}/bin/vpnclient start"; diff --git a/nixos/modules/services/networking/ssh/lshd.nix b/nixos/modules/services/networking/ssh/lshd.nix index 661a6a5246314..eca599afb33b2 100644 --- a/nixos/modules/services/networking/ssh/lshd.nix +++ b/nixos/modules/services/networking/ssh/lshd.nix @@ -120,7 +120,7 @@ in systemd.services.lshd = { description = "GNU lshd SSH2 daemon"; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; diff --git a/nixos/modules/services/networking/tcpcrypt.nix b/nixos/modules/services/networking/tcpcrypt.nix index 267653abce03a..2f304165eb4bd 100644 --- a/nixos/modules/services/networking/tcpcrypt.nix +++ b/nixos/modules/services/networking/tcpcrypt.nix @@ -39,7 +39,7 @@ in description = "tcpcrypt"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; path = [ pkgs.iptables pkgs.tcpcrypt pkgs.procps ]; diff --git a/nixos/modules/services/networking/tinc.nix b/nixos/modules/services/networking/tinc.nix index 8da0f817ae2a5..d4fa6ad4540be 100644 --- a/nixos/modules/services/networking/tinc.nix +++ b/nixos/modules/services/networking/tinc.nix @@ -149,8 +149,8 @@ in ("tinc.${network}") ({ description = "Tinc Daemon - ${network}"; - wantedBy = [ "network.target" ]; - after = [ "network-interfaces.target" ]; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; path = [ data.package ]; restartTriggers = [ config.environment.etc."tinc/${network}/tinc.conf".source ] ++ mapAttrsToList (host: _ : config.environment.etc."tinc/${network}/hosts/${host}".source) data.hosts; diff --git a/nixos/modules/services/networking/wicd.nix b/nixos/modules/services/networking/wicd.nix index 9e5a437b48569..03c6bd28aaba9 100644 --- a/nixos/modules/services/networking/wicd.nix +++ b/nixos/modules/services/networking/wicd.nix @@ -26,7 +26,9 @@ with lib; environment.systemPackages = [pkgs.wicd]; systemd.services.wicd = { - after = [ "network-interfaces.target" ]; + after = [ "network-pre.target" ]; + before = [ "network.target" ]; + wants = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; script = "${pkgs.wicd}/sbin/wicd -f"; }; diff --git a/nixos/modules/services/networking/wpa_supplicant.nix b/nixos/modules/services/networking/wpa_supplicant.nix index de99ce4f02604..a344d7855463a 100644 --- a/nixos/modules/services/networking/wpa_supplicant.nix +++ b/nixos/modules/services/networking/wpa_supplicant.nix @@ -128,9 +128,9 @@ in { in { description = "WPA Supplicant"; - after = [ "network-interfaces.target" ] ++ lib.concatMap deviceUnit ifaces; + after = [ "network.target" ] ++ lib.concatMap deviceUnit ifaces; requires = lib.concatMap deviceUnit ifaces; - wantedBy = [ "network.target" ]; + wantedBy = [ "network-online.target" ]; path = [ pkgs.wpa_supplicant ]; diff --git a/nixos/modules/services/networking/xinetd.nix b/nixos/modules/services/networking/xinetd.nix index 08680b517808a..d27f04a180f34 100644 --- a/nixos/modules/services/networking/xinetd.nix +++ b/nixos/modules/services/networking/xinetd.nix @@ -141,7 +141,7 @@ in config = mkIf cfg.enable { systemd.services.xinetd = { description = "xinetd server"; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; path = [ pkgs.xinetd ]; script = "xinetd -syslog daemon -dontfork -stayalive -f ${configFile}"; diff --git a/nixos/modules/services/networking/zerobin.nix b/nixos/modules/services/networking/zerobin.nix index 1c524602f8e96..274bbca53fa33 100644 --- a/nixos/modules/services/networking/zerobin.nix +++ b/nixos/modules/services/networking/zerobin.nix @@ -86,15 +86,15 @@ in systemd.services.zerobin = { enable = true; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; serviceConfig.ExecStart = "${pkgs.pythonPackages.zerobin}/bin/zerobin ${cfg.listenAddress} ${toString cfg.listenPort} false ${cfg.user} ${cfg.group} ${zerobin_config}"; serviceConfig.PrivateTmp="yes"; serviceConfig.User = cfg.user; serviceConfig.Group = cfg.group; preStart = '' - mkdir -p ${cfg.dataDir} - chown ${cfg.user} ${cfg.dataDir} + mkdir -p ${cfg.dataDir} + chown ${cfg.user} ${cfg.dataDir} ''; }; }; diff --git a/nixos/modules/services/scheduling/chronos.nix b/nixos/modules/services/scheduling/chronos.nix index db1f0f5f00c99..6c39997fec88e 100644 --- a/nixos/modules/services/scheduling/chronos.nix +++ b/nixos/modules/services/scheduling/chronos.nix @@ -41,7 +41,7 @@ in { systemd.services.chronos = { description = "Chronos Service"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" "zookeeper.service" ]; + after = [ "network.target" "zookeeper.service" ]; serviceConfig = { ExecStart = "${pkgs.chronos}/bin/chronos --master ${cfg.master} --zk_hosts ${concatStringsSep "," cfg.zookeeperHosts} --http_port ${toString cfg.httpPort}"; diff --git a/nixos/modules/services/scheduling/marathon.nix b/nixos/modules/services/scheduling/marathon.nix index 4e837c62dc117..19c9a708f21fb 100644 --- a/nixos/modules/services/scheduling/marathon.nix +++ b/nixos/modules/services/scheduling/marathon.nix @@ -83,7 +83,7 @@ in { description = "Marathon Service"; environment = cfg.environment; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" "zookeeper.service" "mesos-master.service" "mesos-slave.service" ]; + after = [ "network.target" "zookeeper.service" "mesos-master.service" "mesos-slave.service" ]; serviceConfig = { ExecStart = "${pkgs.marathon}/bin/marathon --master ${cfg.master} --zk zk://${concatStringsSep "," cfg.zookeeperHosts}/marathon --http_port ${toString cfg.httpPort} ${concatStringsSep " " cfg.extraCmdLineOptions}"; diff --git a/nixos/modules/services/search/elasticsearch.nix b/nixos/modules/services/search/elasticsearch.nix index 9299aaac2f70e..574f74d547a5f 100644 --- a/nixos/modules/services/search/elasticsearch.nix +++ b/nixos/modules/services/search/elasticsearch.nix @@ -129,7 +129,7 @@ in { systemd.services.elasticsearch = { description = "Elasticsearch Daemon"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; path = [ pkgs.inetutils ]; environment = { ES_HOME = cfg.dataDir; diff --git a/nixos/modules/services/search/kibana.nix b/nixos/modules/services/search/kibana.nix index 033b8139d3414..d377a6feeb8ed 100644 --- a/nixos/modules/services/search/kibana.nix +++ b/nixos/modules/services/search/kibana.nix @@ -138,7 +138,7 @@ in { systemd.services.kibana = { description = "Kibana Service"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" "elasticsearch.service" ]; + after = [ "network.target" "elasticsearch.service" ]; environment = { BABEL_CACHE_PATH = "${cfg.dataDir}/.babelcache.json"; }; serviceConfig = { ExecStart = "${cfg.package}/bin/kibana --config ${cfgFile}"; diff --git a/nixos/modules/services/security/oauth2_proxy.nix b/nixos/modules/services/security/oauth2_proxy.nix index 4c20392214fc9..caa7d9d508125 100644 --- a/nixos/modules/services/security/oauth2_proxy.nix +++ b/nixos/modules/services/security/oauth2_proxy.nix @@ -510,7 +510,7 @@ in description = "OAuth2 Proxy"; path = [ cfg.package ]; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; serviceConfig = { User = "oauth2_proxy"; diff --git a/nixos/modules/services/torrent/peerflix.nix b/nixos/modules/services/torrent/peerflix.nix index 38fbd3b226cdc..2e3dd9902d729 100644 --- a/nixos/modules/services/torrent/peerflix.nix +++ b/nixos/modules/services/torrent/peerflix.nix @@ -42,7 +42,7 @@ in { systemd.services.peerflix = { description = "Peerflix Daemon"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; environment.HOME = cfg.stateDir; preStart = '' diff --git a/nixos/modules/services/web-servers/apache-httpd/wordpress.nix b/nixos/modules/services/web-servers/apache-httpd/wordpress.nix index 937b2698ce9b9..495c1abb05213 100644 --- a/nixos/modules/services/web-servers/apache-httpd/wordpress.nix +++ b/nixos/modules/services/web-servers/apache-httpd/wordpress.nix @@ -244,7 +244,6 @@ in chown ${serverInfo.serverConfig.user} ${config.wordpressUploads} # we should use systemd dependencies here - #waitForUnit("network-interfaces.target"); if [ ! -d ${serverInfo.fullConfig.services.mysql.dataDir}/${config.dbName} ]; then echo "Need to create the database '${config.dbName}' and grant permissions to user named '${config.dbUser}'." # Wait until MySQL is up diff --git a/nixos/modules/services/web-servers/tomcat.nix b/nixos/modules/services/web-servers/tomcat.nix index fa6b4c0629d7a..943415e08c645 100644 --- a/nixos/modules/services/web-servers/tomcat.nix +++ b/nixos/modules/services/web-servers/tomcat.nix @@ -139,7 +139,7 @@ in systemd.services.tomcat = { description = "Apache Tomcat server"; wantedBy = [ "multi-user.target" ]; - after = [ "network-interfaces.target" ]; + after = [ "network.target" ]; serviceConfig.Type = "oneshot"; serviceConfig.RemainAfterExit = true; diff --git a/nixos/modules/system/boot/networkd.nix b/nixos/modules/system/boot/networkd.nix index 38b4b437369d4..d125be7c3d07f 100644 --- a/nixos/modules/system/boot/networkd.nix +++ b/nixos/modules/system/boot/networkd.nix @@ -672,7 +672,6 @@ in systemd.services.systemd-networkd = { wantedBy = [ "multi-user.target" ]; - before = [ "network-interfaces.target" ]; restartTriggers = [ config.environment.etc."systemd/network".source ]; }; diff --git a/nixos/modules/system/boot/systemd-lib.nix b/nixos/modules/system/boot/systemd-lib.nix index 2e93693cbfc80..997770b8becaa 100644 --- a/nixos/modules/system/boot/systemd-lib.nix +++ b/nixos/modules/system/boot/systemd-lib.nix @@ -182,7 +182,7 @@ rec { mkdir -p $out/getty.target.wants/ ln -s ../autovt@tty1.service $out/getty.target.wants/ - ln -s ../local-fs.target ../remote-fs.target ../network.target \ + ln -s ../local-fs.target ../remote-fs.target \ ../nss-lookup.target ../nss-user-lookup.target ../swap.target \ $out/multi-user.target.wants/ ''} diff --git a/nixos/modules/tasks/network-interfaces-scripted.nix b/nixos/modules/tasks/network-interfaces-scripted.nix index d1b62e0fd4e48..6a8f20bab5b62 100644 --- a/nixos/modules/tasks/network-interfaces-scripted.nix +++ b/nixos/modules/tasks/network-interfaces-scripted.nix @@ -54,16 +54,22 @@ in networkSetup = { description = "Networking Setup"; - after = [ "network-interfaces.target" "network-pre.target" ]; - before = [ "network.target" ]; - wantedBy = [ "network.target" ]; + after = [ "network-pre.target" "systemd-udevd.service" "systemd-sysctl.service" ]; + before = [ "network.target" "shutdown.target" ]; + wants = [ "network.target" ]; + conflicts = [ "shutdown.target" ]; + wantedBy = [ "multi-user.target" ]; unitConfig.ConditionCapability = "CAP_NET_ADMIN"; path = [ pkgs.iproute ]; - serviceConfig.Type = "oneshot"; - serviceConfig.RemainAfterExit = true; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + }; + + unitConfig.DefaultDependencies = false; script = '' @@ -108,8 +114,12 @@ in in nameValuePair "network-addresses-${i.name}" { description = "Address configuration of ${i.name}"; - wantedBy = [ "network-interfaces.target" ]; - before = [ "network-interfaces.target" ]; + wantedBy = [ "network-setup.service" ]; + # propagate stop and reload from network-setup + partOf = [ "network-setup.service" ]; + # order before network-setup because the routes that are configured + # there may need ip addresses configured + before = [ "network-setup.service" ]; bindsTo = [ (subsystemDevice i.name) ]; after = [ (subsystemDevice i.name) "network-pre.target" ]; serviceConfig.Type = "oneshot"; @@ -129,20 +139,11 @@ in echo "checking ip ${address}..." if out=$(ip addr add "${address}" dev "${i.name}" 2>&1); then echo "added ip ${address}..." - restart_network_setup=true elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then echo "failed to add ${address}" exit 1 fi - '') - + optionalString (ips != [ ]) - '' - if [ "$restart_network_setup" = "true" ]; then - # Ensure that the default gateway remains set. - # (Flushing this interface may have removed it.) - ${config.systemd.package}/bin/systemctl try-restart --no-block network-setup.service - fi - ''; + ''); preStop = flip concatMapStrings (ips) (ip: let address = "${ip.address}/${toString ip.prefixLength}"; @@ -156,10 +157,11 @@ in createTunDevice = i: nameValuePair "${i.name}-netdev" { description = "Virtual Network Interface ${i.name}"; - requires = [ "dev-net-tun.device" ]; + bindsTo = [ "dev-net-tun.device" ]; after = [ "dev-net-tun.device" "network-pre.target" ]; - wantedBy = [ "network.target" (subsystemDevice i.name) ]; - before = [ "network-interfaces.target" (subsystemDevice i.name) ]; + wantedBy = [ "network-setup.service" (subsystemDevice i.name) ]; + partOf = [ "network-setup.service" ]; + before = [ "network-setup.service" (subsystemDevice i.name) ]; path = [ pkgs.iproute ]; serviceConfig = { Type = "oneshot"; @@ -180,12 +182,12 @@ in deps = map subsystemDevice v.interfaces; in { description = "Bridge Interface ${n}"; - wantedBy = [ "network.target" (subsystemDevice n) ]; + wantedBy = [ "network-setup.service" (subsystemDevice n) ]; bindsTo = deps ++ optional v.rstp "mstpd.service"; - partOf = optional v.rstp "mstpd.service"; + partOf = [ "network-setup.service" ] ++ optional v.rstp "mstpd.service"; after = [ "network-pre.target" "mstpd.service" ] ++ deps ++ concatMap (i: [ "network-addresses-${i}.service" "network-link-${i}.service" ]) v.interfaces; - before = [ "network-interfaces.target" (subsystemDevice n) ]; + before = [ "network-setup.service" (subsystemDevice n) ]; serviceConfig.Type = "oneshot"; serviceConfig.RemainAfterExit = true; path = [ pkgs.iproute ]; @@ -222,11 +224,11 @@ in ofRules = pkgs.writeText "vswitch-${n}-openFlowRules" v.openFlowRules; in { description = "Open vSwitch Interface ${n}"; - wantedBy = [ "network.target" "vswitchd.service" ] ++ deps; + wantedBy = [ "network-setup.service" "vswitchd.service" ] ++ deps; bindsTo = [ "vswitchd.service" (subsystemDevice n) ] ++ deps; - partOf = [ "vswitchd.service" ]; + partOf = [ "network-setup.service" "vswitchd.service" ]; after = [ "network-pre.target" "vswitchd.service" ] ++ deps; - before = [ "network-interfaces.target" ]; + before = [ "network-setup.service" ]; serviceConfig.Type = "oneshot"; serviceConfig.RemainAfterExit = true; path = [ pkgs.iproute config.virtualisation.vswitch.package ]; @@ -254,11 +256,12 @@ in deps = map subsystemDevice v.interfaces; in { description = "Bond Interface ${n}"; - wantedBy = [ "network.target" (subsystemDevice n) ]; + wantedBy = [ "network-setup.service" (subsystemDevice n) ]; bindsTo = deps; + partOf = [ "network-setup.service" ]; after = [ "network-pre.target" ] ++ deps ++ concatMap (i: [ "network-addresses-${i}.service" "network-link-${i}.service" ]) v.interfaces; - before = [ "network-interfaces.target" (subsystemDevice n) ]; + before = [ "network-setup.service" (subsystemDevice n) ]; serviceConfig.Type = "oneshot"; serviceConfig.RemainAfterExit = true; path = [ pkgs.iproute pkgs.gawk ]; @@ -291,10 +294,11 @@ in deps = [ (subsystemDevice v.interface) ]; in { description = "Vlan Interface ${n}"; - wantedBy = [ "network.target" (subsystemDevice n) ]; + wantedBy = [ "network-setup.service" (subsystemDevice n) ]; bindsTo = deps; + partOf = [ "network-setup.service" ]; after = [ "network-pre.target" ] ++ deps; - before = [ "network-interfaces.target" (subsystemDevice n) ]; + before = [ "network-setup.service" (subsystemDevice n) ]; serviceConfig.Type = "oneshot"; serviceConfig.RemainAfterExit = true; path = [ pkgs.iproute ]; @@ -315,10 +319,11 @@ in deps = optional (v.dev != null) (subsystemDevice v.dev); in { description = "6-to-4 Tunnel Interface ${n}"; - wantedBy = [ "network.target" (subsystemDevice n) ]; + wantedBy = [ "network-setup.service" (subsystemDevice n) ]; bindsTo = deps; + partOf = [ "network-setup.service" ]; after = [ "network-pre.target" ] ++ deps; - before = [ "network-interfaces.target" (subsystemDevice n) ]; + before = [ "network-setup.service" (subsystemDevice n) ]; serviceConfig.Type = "oneshot"; serviceConfig.RemainAfterExit = true; path = [ pkgs.iproute ]; @@ -342,10 +347,11 @@ in deps = [ (subsystemDevice v.interface) ]; in { description = "Vlan Interface ${n}"; - wantedBy = [ "network.target" (subsystemDevice n) ]; + wantedBy = [ "network-setup.service" (subsystemDevice n) ]; bindsTo = deps; + partOf = [ "network-setup.service" ]; after = [ "network-pre.target" ] ++ deps; - before = [ "network-interfaces.target" (subsystemDevice n) ]; + before = [ "network-setup.service" (subsystemDevice n) ]; serviceConfig.Type = "oneshot"; serviceConfig.RemainAfterExit = true; path = [ pkgs.iproute ]; diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix index dc62cae24c7aa..144ad10138d62 100644 --- a/nixos/modules/tasks/network-interfaces.nix +++ b/nixos/modules/tasks/network-interfaces.nix @@ -932,8 +932,10 @@ in ] ++ bridgeStp; + # The network-interfaces target is kept for backwards compatibility. + # New modules must NOT use it. systemd.targets."network-interfaces" = - { description = "All Network Interfaces"; + { description = "All Network Interfaces (deprecated)"; wantedBy = [ "network.target" ]; before = [ "network.target" ]; after = [ "network-pre.target" ]; diff --git a/nixos/tests/networking.nix b/nixos/tests/networking.nix index d5a0a9b798f56..17d4a878d3a4f 100644 --- a/nixos/tests/networking.nix +++ b/nixos/tests/networking.nix @@ -41,7 +41,6 @@ let machine.networking.useNetworkd = networkd; testScript = '' startAll; - $machine->waitForUnit("network-interfaces.target"); $machine->waitForUnit("network.target"); $machine->succeed("ip addr show lo | grep -q 'inet 127.0.0.1/8 '"); $machine->succeed("ip addr show lo | grep -q 'inet6 ::1/128 '"); @@ -71,9 +70,7 @@ let '' startAll; - $client->waitForUnit("network-interfaces.target"); $client->waitForUnit("network.target"); - $router->waitForUnit("network-interfaces.target"); $router->waitForUnit("network.target"); # Make sure dhcpcd is not started @@ -119,9 +116,7 @@ let '' startAll; - $client->waitForUnit("network-interfaces.target"); $client->waitForUnit("network.target"); - $router->waitForUnit("network-interfaces.target"); $router->waitForUnit("network.target"); # Wait until we have an ip address on each interface @@ -164,9 +159,7 @@ let startAll; # Wait for networking to come up - $client->waitForUnit("network-interfaces.target"); $client->waitForUnit("network.target"); - $router->waitForUnit("network-interfaces.target"); $router->waitForUnit("network.target"); # Wait until we have an ip address on each interface @@ -213,9 +206,7 @@ let startAll; # Wait for networking to come up - $client1->waitForUnit("network-interfaces.target"); $client1->waitForUnit("network.target"); - $client2->waitForUnit("network-interfaces.target"); $client2->waitForUnit("network.target"); # Test bonding @@ -259,11 +250,8 @@ let startAll; # Wait for networking to come up - $client1->waitForUnit("network-interfaces.target"); $client1->waitForUnit("network.target"); - $client2->waitForUnit("network-interfaces.target"); $client2->waitForUnit("network.target"); - $router->waitForUnit("network-interfaces.target"); $router->waitForUnit("network.target"); # Test bridging @@ -298,9 +286,7 @@ let startAll; # Wait for networking to come up - $client->waitForUnit("network-interfaces.target"); $client->waitForUnit("network.target"); - $router->waitForUnit("network-interfaces.target"); $router->waitForUnit("network.target"); # Wait until we have an ip address on each interface @@ -348,9 +334,7 @@ let startAll; # Wait for networking to be configured - $client1->waitForUnit("network-interfaces.target"); $client1->waitForUnit("network.target"); - $client2->waitForUnit("network-interfaces.target"); $client2->waitForUnit("network.target"); # Print diagnostic information @@ -391,9 +375,7 @@ let startAll; # Wait for networking to be configured - $client1->waitForUnit("network-interfaces.target"); $client1->waitForUnit("network.target"); - $client2->waitForUnit("network-interfaces.target"); $client2->waitForUnit("network.target"); # Test vlan is setup