Run script on network interface down

nixinator · September 26, 2020, 9:55pm

I want to run a script when a network interface goes down. If it losses it ethernet carrier, either thru having the cable disconnected or an directly attached ethernet switch failure (power).

A normal linux system , you could place a script in /etc/network/if-down.d/ and you’d be good to go.

or wrangle head to head with the beast that is systemd.

https://andreas.scherbaum.la/blog/archives/963-if-up-and-if-down-scripts-with-systemd.html

However , how would i approach this in nixos? i see there is a few systemd targets.

systemctl | grep network
  network-addresses-enp0s25.service                                                                          loaded    active exited    Address configuration of enp0s25                         
  network-link-enp0s25.service                                                                               loaded    active exited    Link configuration of enp0s25                            
  network-local-commands.service                                                                             loaded    active exited    Extra networking commands.                               
  network-setup.service                                                                                      loaded    active exited    Networking Setup                                         
  network-interfaces.target                                                                                  loaded    active active    All Network Interfaces (deprecated)                      
  network-online.target                                                                                      loaded    active active    Network is Online                                        
  network-pre.target                                                                                         loaded    active active    Network (Pre)                                            
  network.target                                                                                             loaded    active active    Network

How would one approach this in the Nixos way?

gurkan · September 27, 2020, 5:43pm

If you’re using NetworkManager, you can use dispatcher feature declaratively. Here how I fiddle with a service depending on VPN status:

  networking.networkmanager = {
    insertNameservers = ["127.0.0.1"];
    dispatcherScripts = [ {
      source = pkgs.writeText "disableDNScryptOnVPN" ''
        #!/usr/bin/env ${pkgs.bash}/bin/bash

        if [[ "$2" == "vpn-up" ]]; then
          logger "VPN connected, disabling dnscrypt-proxy"
          ${pkgs.systemd}/bin/systemctl stop dnscrypt-proxy
        fi
        if [[ "$2" == "vpn-down" ]]; then
          logger "VPN disconnected, enabling dnscrypt-proxy"
          ${pkgs.systemd}/bin/systemctl start dnscrypt-proxy
        fi
      '';
      type = "basic";
      }
    ];
  };

There is also networkd-dispatcher service for networkd (which I am unable to find within nixos options with a quick search), but I don’t have many ideas about how to do it if you don’t use these services to manage your networks.

nixinator · September 29, 2020, 5:02pm

I’ll take a look at networkmanager and see if can do that job.

Be nice to get something that works without extra packages being added.

Thanks for taking the time to help.