nathan/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2026-06-05 21:03:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

nixos/firewalld: add reload triggers for config file changes

Browse Source 
When firewalld serves as the backend for networking.firewall, changes
to allowedTCPPorts, zones, settings etc. rewrite /etc/firewalld/*
but firewalld.service was never reloaded. Add reloadTriggers pointing
to firewalld.conf, all zone XMLs and service XMLs so
switch-to-configuration reloads the daemon on nixos-rebuild switch.

nixos/firewalld: treefmt
This commit is contained in:
ArisoN
2026-05-25 15:49:50 +03:00
parent 91b3d13e96
commit 84160ddeb8
1 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
nixos/modules/services/networking/firewalld/default.nix
View File

@@ -57,7 +57,19 @@ in
systemd.services.firewalld = {
aliases = [ "dbus-org.fedoraproject.FirewallD1.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig.ExecReload = "${lib.getExe' pkgs.coreutils "kill"} -HUP $MAINPID";
serviceConfig.ExecReload = [
""
"${lib.getExe' pkgs.coreutils "kill"} -HUP $MAINPID"
];
reloadTriggers = [
config.environment.etc."firewalld/firewalld.conf".source
]
++ lib.mapAttrsToList (
name: _: config.environment.etc."firewalld/zones/${name}.xml".source
) config.services.firewalld.zones
++ lib.mapAttrsToList (
name: _: config.environment.etc."firewalld/services/${name}.xml".source
) config.services.firewalld.services;
environment.NIX_FIREWALLD_CONFIG_PATH = "${paths}/lib/firewalld";
};
};