From 3cd1a6706ceaeca09b3cc15322f9c75d25883a46 Mon Sep 17 00:00:00 2001
From: Peng Mei Yu <i@pengmeiyu.com>
Date: Tue, 8 Dec 2020 09:18:13 +0800
Subject: [PATCH] unbound: Add AF_NETLINK to allowed address families.

Unbound throws the following error:

--8<---------------cut here---------------start------------->8---
error: failed to list interfaces: getifaddrs: Address family not supported by protocol
fatal error: could not open ports
--8<---------------cut here---------------end--------------->8---

The solution is pulled from upstream:
https://github.com/NLnetLabs/unbound/pull/351
---
 nixos/modules/services/networking/unbound.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nixos/modules/services/networking/unbound.nix b/nixos/modules/services/networking/unbound.nix
index 9a46fa3075fa..622c3d8ea434 100644
--- a/nixos/modules/services/networking/unbound.nix
+++ b/nixos/modules/services/networking/unbound.nix
@@ -195,7 +195,7 @@ in
         RuntimeDirectory = "unbound";
         ConfigurationDirectory = "unbound";
         StateDirectory = "unbound";
-        RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
+        RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_NETLINK" "AF_UNIX" ];
         RestrictRealtime = true;
         SystemCallArchitectures = "native";
         SystemCallFilter = [