summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2021-12-07 21:57:45 +0100
committertv <tv@krebsco.de>2021-12-08 00:48:51 +0100
commitba955a903ec8135400d0d649cc775aaeaa2bee63 (patch)
treed3e18238dfa3963dc80145fbc0fd0830feca4307
parentc3d43331dbefc24fa8079dac827be49c126bca6a (diff)
tv net.ipv6.conf.*.use_tempaddr: admit NixOS 21.11
-rw-r--r--tv/2configs/default.nix13
1 files changed, 11 insertions, 2 deletions
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index de298e162..8add07ff6 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -94,8 +94,17 @@ with import <stockholm/lib>;
{
boot.kernel.sysctl = {
# Enable IPv6 Privacy Extensions
- "net.ipv6.conf.all.use_tempaddr" = 2;
- "net.ipv6.conf.default.use_tempaddr" = 2;
+ #
+ # XXX use mkForce here because since NixOS 21.11 there's a collision in
+ # net.ipv6.conf.default.use_tempaddr, and boot.kernel.sysctl incapable
+ # of merging.
+ #
+ # XXX net.ipv6.conf.all.use_tempaddr is set because it was mentioned in
+ # https://tldp.org/HOWTO/Linux+IPv6-HOWTO/ch06s05.html
+ # TODO check if that is really necessary, otherwise we can rely solely
+ # on networking.tempAddresses in the future (when nothing is <21.11)
+ "net.ipv6.conf.all.use_tempaddr" = mkForce 2;
+ "net.ipv6.conf.default.use_tempaddr" = mkForce 2;
};
}