nixos-module/container/upstream: catch failures
This commit is contained in:
parent
b23b687dfb
commit
33a4e65f69
|
@ -53,7 +53,8 @@ in
|
||||||
extraCommands =
|
extraCommands =
|
||||||
builtins.concatStringsSep "\n" (
|
builtins.concatStringsSep "\n" (
|
||||||
map (net: ''
|
map (net: ''
|
||||||
ip6tables -t nat -N ${net}_nat
|
ip6tables -t nat -N ${net}_nat || \
|
||||||
|
ip6tables -t nat -F ${net}_nat
|
||||||
${builtins.concatStringsSep "\n" (
|
${builtins.concatStringsSep "\n" (
|
||||||
map (subnet: ''
|
map (subnet: ''
|
||||||
ip6tables -t nat -A ${net}_nat \
|
ip6tables -t nat -A ${net}_nat \
|
||||||
|
@ -71,8 +72,9 @@ in
|
||||||
extraStopCommands =
|
extraStopCommands =
|
||||||
builtins.concatStringsSep "\n" (
|
builtins.concatStringsSep "\n" (
|
||||||
map (net: ''
|
map (net: ''
|
||||||
ip6tables -t nat -F POSTROUTING
|
ip6tables -t nat -F POSTROUTING 2>/dev/null || true
|
||||||
ip6tables -t nat -X ${net}_nat
|
ip6tables -t nat -F ${net}_nat 2>/dev/null || true
|
||||||
|
ip6tables -t nat -X ${net}_nat 2>/dev/null || true
|
||||||
'') (builtins.attrNames upstreamInterfaces)
|
'') (builtins.attrNames upstreamInterfaces)
|
||||||
);
|
);
|
||||||
inherit (hostConf) forwardPorts;
|
inherit (hostConf) forwardPorts;
|
||||||
|
|
Loading…
Reference in New Issue