[Nix-dev] ZeroTier-One service

[stewart mackenzie]

So, I'm setting up a service for ZeroTier-One, the issue arises when
the ZeroTierOne service tries to start.

After doing a `sudo nixos-rebuild build-vm -I
nixpkgs=~/nixdev/nixpkgs/ --fallback -j 8 --cores 8 --fast`
then `./result/bin/run-rivergod-vm`

once logged in to the vm I issue `sudo systemctl status zerotierone.service`
* zerotierone.service - ZeroTierOne
    Loaded: loaded
(/nix/store/nn7...-unit-zerotierone.service/zerotierone.service)
    Active: active (exited) (Result: exit-code) since Wed <the date>; 43s ago
    Process: 592
ExecStart=/nix/store/sxzz...-zerotierone/bin/zerotier-one -d home
/var/zerotierone (code=exited, status=226/NAMESPACE)
  Main PID: 592 (code=exited, status=226/NAMESPACE)
    CGroup: /system.slice/zerotierone.service

Jun 24 <time> <host> systemd[1]: Started ZeroTierOne.
Jun 24 <time> <host> systemd[592]: Failed at step NAMESPACE spawning
/nix/store/sxzz....-zerotierone/bin/zerotier-one: No such file or
directory
Jun 24 <time> <host> systemd[1]: zerotierone.service: main process
exited, code=exited, status=226/NAMESPACE

------ </snip>

Now to prove the directory exists I `cd /nix/store/sxzz*` without a problem

The below is the
nixdev/nixpkgs/nixos/modules/services/networking/zerotierone.nix
Please note the zerotier-one binary needs to be run as root.

What is the cause of the above 226/NAMESPACE error?


{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.services.zerotierone;
in
{
  options.services.zerotierone = {
    enable = mkOption {
      default = false;
      type = types.bool;
      description = "Whether to enable ZeroTierOne, the flat virtual
Ethernet networks of almost unlimited size.";
    };

    stateDir = mkOption {
      default = "/var/zerotierone";
      description = "Directory holding all state for zerotier-one to run.";
    };
  };

  config = mkIf cfg.enable {
    #environment.systemPackages = [ pkgs.zerotierone ];
    systemd.services.zerotierone = {
      description = "ZeroTierOne";
      path = [ pkgs.zerotierone ];
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
#      preStart =
#        ''
#        mkdir -p ${cfg.stateDir}
#        chmod 700 ${cfg.stateDir}
#        chown -R root:root ${cfg.stateDir}
#        '';
      serviceConfig = {
#        Type = "oneshot";
        RemainAfterExit = true;
        ReadWriteDirectories = cfg.stateDir;
        User = "root";
        PIDFile = "/run/zerotier-one.pid";
        ExecStart = "${pkgs.zerotierone}/bin/zerotier-one -d home
${cfg.stateDir}";
        Restart = "on-failure";
        RestartSec = "10s";
        StartLimitInterval = "1min";
      };
    };
  };
}