diff options
| author | Maximilian Bosch <maximilian@mbosch.me> | 2020-03-29 19:59:52 +0200 |
|---|---|---|
| committer | Maximilian Bosch <maximilian@mbosch.me> | 2020-03-29 19:59:52 +0200 |
| commit | 1a5289f80367629e8bc784ef41d4c63c542316cf (patch) | |
| tree | 0788ff22ce8734a0af5069b198991763d2990371 /nixos/modules/security | |
| parent | 9e7c54325e0ddfa4c630872c15749f47c12def96 (diff) | |
| download | nixlib-1a5289f80367629e8bc784ef41d4c63c542316cf.tar nixlib-1a5289f80367629e8bc784ef41d4c63c542316cf.tar.gz nixlib-1a5289f80367629e8bc784ef41d4c63c542316cf.tar.bz2 nixlib-1a5289f80367629e8bc784ef41d4c63c542316cf.tar.lz nixlib-1a5289f80367629e8bc784ef41d4c63c542316cf.tar.xz nixlib-1a5289f80367629e8bc784ef41d4c63c542316cf.tar.zst nixlib-1a5289f80367629e8bc784ef41d4c63c542316cf.zip | |
nixos/acme: don't depend on multi-user.target inside a container
On boot, a container doesn't have an uplink and would run into a timeout while waiting for cert renewal[1]. [1] https://github.com/NixOS/nixpkgs/pull/81371#issuecomment-605526099
Diffstat (limited to 'nixos/modules/security')
| -rw-r--r-- | nixos/modules/security/acme.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix index b787a7675390..87217f1e3b90 100644 --- a/nixos/modules/security/acme.nix +++ b/nixos/modules/security/acme.nix @@ -318,7 +318,7 @@ in description = "Renew ACME Certificate for ${cert}"; after = [ "network.target" "network-online.target" ]; wants = [ "network-online.target" ]; - wantedBy = [ "multi-user.target" ]; + wantedBy = mkIf (!config.boot.isContainer) [ "multi-user.target" ]; serviceConfig = { Type = "oneshot"; # With RemainAfterExit the service is considered active even |