nixos/tailscale: use systemctl restart during activation.
This avoids the scenario where you activate a new config over Tailscale, and a long delay between the "stop services" and "start services" phases of the activation script lead to your terminal freezing for tens of seconds, until tailscaled finally gets started again and the session recovers. Per the documentation of stopIfChanged, this is only safe to do if the service definition is robust to stopping the old process using the new service definition. As the maintainer of the upstream systemd unit, I can confirm that Tailscale is robust to this scenario: it has to be in order to work right on several other distros that just do unpack-then-restart, rather than the more complex stop-unpack-start dance. Signed-off-by: David Anderson <dave@natulte.net>
This commit is contained in:
parent
a5774e76bb
commit
c9a1647ade
1 changed files with 12 additions and 0 deletions
|
@ -47,6 +47,18 @@ in {
|
|||
] ++ (lib.optionals (cfg.permitCertUid != null) [
|
||||
"TS_PERMIT_CERT_UID=${cfg.permitCertUid}"
|
||||
]);
|
||||
# Restart tailscaled with a single `systemctl restart` at the
|
||||
# end of activation, rather than a `stop` followed by a later
|
||||
# `start`. Activation over Tailscale can hang for tens of
|
||||
# seconds in the stop+start setup, if the activation script has
|
||||
# a significant delay between the stop and start phases
|
||||
# (e.g. script blocked on another unit with a slow shutdown).
|
||||
#
|
||||
# Tailscale is aware of the correctness tradeoff involved, and
|
||||
# already makes its upstream systemd unit robust against unit
|
||||
# version mismatches on restart for compatibility with other
|
||||
# linux distros.
|
||||
stopIfChanged = false;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue