From ba955a903ec8135400d0d649cc775aaeaa2bee63 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 7 Dec 2021 21:57:45 +0100
Subject: tv net.ipv6.conf.*.use_tempaddr: admit NixOS 21.11

---
 tv/2configs/default.nix | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index de298e16..8add07ff 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -94,8 +94,17 @@ with import <stockholm/lib>;
     {
       boot.kernel.sysctl = {
         # Enable IPv6 Privacy Extensions
-        "net.ipv6.conf.all.use_tempaddr" = 2;
-        "net.ipv6.conf.default.use_tempaddr" = 2;
+        #
+        # XXX use mkForce here because since NixOS 21.11 there's a collision in
+        # net.ipv6.conf.default.use_tempaddr, and boot.kernel.sysctl incapable
+        # of merging.
+        #
+        # XXX net.ipv6.conf.all.use_tempaddr is set because it was mentioned in
+        # https://tldp.org/HOWTO/Linux+IPv6-HOWTO/ch06s05.html
+        # TODO check if that is really necessary, otherwise we can rely solely
+        # on networking.tempAddresses in the future (when nothing is <21.11)
+        "net.ipv6.conf.all.use_tempaddr" = mkForce 2;
+        "net.ipv6.conf.default.use_tempaddr" = mkForce 2;
       };
     }
 
-- 
cgit v1.2.3