openvpn service: source up/down scripts

source the up/down scripts instead of executing them to avoid loosing access to special variables like $1
2017-04-21 10:55:11 +02:00 · 2017-04-21 10:55:11 +02:00 · 50ad243f78
commit 50ad243f78
parent b6714f524b
1 changed files with 13 additions and 3 deletions
--- a/nixos/modules/services/networking/openvpn.nix
+++ b/nixos/modules/services/networking/openvpn.nix
@ -28,9 +28,10 @@ let
          fi
        done

-        ${cfg.up}
        ${optionalString cfg.updateResolvConf
           "${pkgs.update-resolv-conf}/libexec/openvpn/update-resolv-conf"}
+
+        ${optionalString (cfg.up != "") "source ${userSuppliedUpScript}"}
      '';

      downScript = ''
@ -38,6 +39,15 @@ let
        export PATH=${path}
        ${optionalString cfg.updateResolvConf
           "${pkgs.update-resolv-conf}/libexec/openvpn/update-resolv-conf"}
+
+        ${optionalString (cfg.down != "") "source ${userSuppliedDownScript}"}
+      '';
+
+      userSuppliedUpScript = pkgs.writeScript "openvpn-${name}-userSuppliedUpScript" ''
+        ${cfg.up}
+      '';
+
+      userSuppliedDownScript = pkgs.writeScript "openvpn-${name}-userSuppliedDownScript" ''
        ${cfg.down}
      '';

@ -133,7 +143,7 @@ in
            default = "";
            type = types.lines;
            description = ''
-              Shell commands executed when the instance is starting.
+              Shell script sourced by NixOS generated script when the instance is starting.
            '';
          };

@ -141,7 +151,7 @@ in
            default = "";
            type = types.lines;
            description = ''
-              Shell commands executed when the instance is shutting down.
+              Shell script sourced by NixOS generated script when the instance is shutting down.
            '';
          };