From 1d05061bb4b2369a7e021fed3bacb9106579f2dd Mon Sep 17 00:00:00 2001 From: Aminda Suomalainen Date: Fri, 29 Mar 2024 07:58:44 +0200 Subject: [PATCH] hack nordvpnd to work with yggdrasil --- etc/sudoers.d/nordvpnd | 3 +++ etc/systemd/system/nordvpnd.service.d/yggdrasil.conf | 4 ++++ etc/systemd/system/yggdrasil.service.d/nordvpnd.conf | 7 +++++++ 3 files changed, 14 insertions(+) create mode 100644 etc/systemd/system/nordvpnd.service.d/yggdrasil.conf create mode 100644 etc/systemd/system/yggdrasil.service.d/nordvpnd.conf diff --git a/etc/sudoers.d/nordvpnd b/etc/sudoers.d/nordvpnd index ff1f7471..df51cc4e 100644 --- a/etc/sudoers.d/nordvpnd +++ b/etc/sudoers.d/nordvpnd @@ -2,3 +2,6 @@ %nordvpn ALL=NOPASSWD: /bin/systemctl stop nordvpnd.service %nordvpn ALL=NOPASSWD: /bin/systemctl start nordvpnd.service %nordvpn ALL=NOPASSWD: /bin/systemctl restart nordvpnd.service +# used in my scripts and nordvpn.service.d and yggdrasil.service.d to ensure +# it works +%nordvpn ALL=NOPASSWD: /bin/systemctl restart yggdrasil.service diff --git a/etc/systemd/system/nordvpnd.service.d/yggdrasil.conf b/etc/systemd/system/nordvpnd.service.d/yggdrasil.conf new file mode 100644 index 00000000..9312162c --- /dev/null +++ b/etc/systemd/system/nordvpnd.service.d/yggdrasil.conf @@ -0,0 +1,4 @@ +# nordvpnd disables IPv6 which Yggdrasil depends on, so let's restart it. +# Note ../yggdrasil.service.d/ enabling IPv6 for all interfaces. +[Service] +ExecStartPost=systemctl restart yggdrasil.service --quiet diff --git a/etc/systemd/system/yggdrasil.service.d/nordvpnd.conf b/etc/systemd/system/yggdrasil.service.d/nordvpnd.conf new file mode 100644 index 00000000..c27ba28d --- /dev/null +++ b/etc/systemd/system/yggdrasil.service.d/nordvpnd.conf @@ -0,0 +1,7 @@ +# nordvpnd disables IPv6 for all interfaces and thus breaks Yggdrasil. This +# override gives yggdrasil.service two chances to ensure IPv6 is enabled. +[Service] +ExecStartPre=sysctl net.ipv6.conf.all.disable_ipv6=0 +ExecStartPost=sysctl net.ipv6.conf.all.disable_ipv6=0 +# I cannot use this as the interface won't exist until Yggdrasil starts +#ExecStartPost=sysctl net.ipv6.conf.yggdrasil.disable_ipv6=0