From 0972af55f16815c61626359be71cacf650d6400d Mon Sep 17 00:00:00 2001
From: Erik Arvstedt <erik.arvstedt@gmail.com>
Date: Tue, 3 Nov 2020 21:54:14 +0100
Subject: [PATCH] netns: fix setup service restarts

---
 modules/netns-isolation.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/modules/netns-isolation.nix b/modules/netns-isolation.nix
index d29d7a7..915852c 100644
--- a/modules/netns-isolation.nix
+++ b/modules/netns-isolation.nix
@@ -172,8 +172,13 @@ in {
             ${netnsIptables} -w -A INPUT -s ${allowedAddresses} -j ACCEPT
             ${netnsIptables} -w -A OUTPUT -d ${allowedAddresses} -j ACCEPT
           '';
+          # Link deletion is implicit in netns deletion, but it sometimes only happens
+          # after `netns delete` finishes. Add an extra `link del` to ensure that
+          # the link is deleted before the service stops, which is needed for service
+          # restart to succeed.
           preStop = ''
             ${ip} netns delete ${netnsName}
+            ${ip} link del ${peer} 2> /dev/null || true
           '';
           serviceConfig = {
             Type = "oneshot";