public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nixpkgs/nixos/modules/system/boot/networkd.nix

1581 lines
51 KiB
Nix
Raw Normal View History

systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
{ config, lib, pkgs, ... }:
with lib;
with import ./systemd-unit-options.nix { inherit config lib; };
Fix #7476
2015-04-20 11:31:17 +02:00
with import ./systemd-lib.nix { inherit config lib pkgs; };
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
let
cfg = config.systemd.network;
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
check = {
link = {
sectionLink = checkUnitConfig "Link" [
(assertOnlyFields [
"Description"
"Alias"
"MACAddressPolicy"
"MACAddress"
"NamePolicy"
"Name"
"AlternativeNamesPolicy"
"AlternativeName"
"MTUBytes"
"BitsPerSecond"
"Duplex"
"AutoNegotiation"
"WakeOnLan"
"Port"
"Advertise"
"ReceiveChecksumOffload"
"TransmitChecksumOffload"
"TCPSegmentationOffload"
"TCP6SegmentationOffload"
"GenericSegmentationOffload"
"GenericReceiveOffload"
"LargeReceiveOffload"
"RxChannels"
"TxChannels"
"OtherChannels"
"CombinedChannels"
"RxBufferSize"
"TxBufferSize"
])
(assertValueOneOf "MACAddressPolicy" ["persistent" "random" "none"])
(assertMacAddress "MACAddress")
(assertByteFormat "MTUBytes")
(assertByteFormat "BitsPerSecond")
(assertValueOneOf "Duplex" ["half" "full"])
(assertValueOneOf "AutoNegotiation" boolValues)
(assertValueOneOf "WakeOnLan" ["phy" "unicast" "multicast" "broadcast" "arp" "magic" "secureon" "off"])
(assertValueOneOf "Port" ["tp" "aui" "bnc" "mii" "fibre"])
(assertValueOneOf "ReceiveChecksumOffload" boolValues)
(assertValueOneOf "TransmitChecksumOffload" boolValues)
(assertValueOneOf "TCPSegmentationOffload" boolValues)
(assertValueOneOf "TCP6SegmentationOffload" boolValues)
(assertValueOneOf "GenericSegmentationOffload" boolValues)
(assertValueOneOf "GenericReceiveOffload" boolValues)
(assertValueOneOf "LargeReceiveOffload" boolValues)
(assertInt "RxChannels")
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertRange "RxChannels" 1 4294967295)
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertInt "TxChannels")
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertRange "TxChannels" 1 4294967295)
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertInt "OtherChannels")
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertRange "OtherChannels" 1 4294967295)
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertInt "CombinedChannels")
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertRange "CombinedChannels" 1 4294967295)
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertInt "RxBufferSize")
(assertInt "TxBufferSize")
];
};
netdev = let
tunChecks = [
(assertOnlyFields [
"MultiQueue"
"PacketInfo"
"VNetHeader"
"User"
"Group"
])
(assertValueOneOf "MultiQueue" boolValues)
(assertValueOneOf "PacketInfo" boolValues)
(assertValueOneOf "VNetHeader" boolValues)
];
in {
sectionNetdev = checkUnitConfig "Netdev" [
(assertOnlyFields [
"Description"
"Name"
"Kind"
"MTUBytes"
"MACAddress"
])
(assertHasField "Name")
(assertHasField "Kind")
(assertValueOneOf "Kind" [
"bond"
"bridge"
"dummy"
"gre"
"gretap"
"erspan"
"ip6gre"
"ip6tnl"
"ip6gretap"
"ipip"
"ipvlan"
"macvlan"
"macvtap"
"sit"
"tap"
"tun"
"veth"
"vlan"
"vti"
"vti6"
"vxlan"
"geneve"
"l2tp"
"macsec"
"vrf"
"vcan"
"vxcan"
"wireguard"
"netdevsim"
"nlmon"
"fou"
"xfrm"
"ifb"
])
(assertByteFormat "MTUBytes")
(assertMacAddress "MACAddress")
];
sectionVLAN = checkUnitConfig "VLAN" [
(assertOnlyFields [
"Id"
"GVRP"
"MVRP"
"LooseBinding"
"ReorderHeader"
])
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "Id")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertRange "Id" 0 4094)
(assertValueOneOf "GVRP" boolValues)
(assertValueOneOf "MVRP" boolValues)
(assertValueOneOf "LooseBinding" boolValues)
(assertValueOneOf "ReorderHeader" boolValues)
];
sectionMACVLAN = checkUnitConfig "MACVLAN" [
(assertOnlyFields [
"Mode"
])
(assertValueOneOf "Mode" ["private" "vepa" "bridge" "passthru"])
];
sectionVXLAN = checkUnitConfig "VXLAN" [
(assertOnlyFields [
"VNI"
"Remote"
"Local"
"Group"
"TOS"
"TTL"
"MacLearning"
"FDBAgeingSec"
"MaximumFDBEntries"
"ReduceARPProxy"
"L2MissNotification"
"L3MissNotification"
"RouteShortCircuit"
"UDPChecksum"
"UDP6ZeroChecksumTx"
"UDP6ZeroChecksumRx"
"RemoteChecksumTx"
"RemoteChecksumRx"
"GroupPolicyExtension"
"GenericProtocolExtension"
"DestinationPort"
"PortRange"
"FlowLabel"
"IPDoNotFragment"
])
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "VNI")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertRange "VNI" 1 16777215)
(assertValueOneOf "MacLearning" boolValues)
(assertInt "MaximumFDBEntries")
(assertValueOneOf "ReduceARPProxy" boolValues)
(assertValueOneOf "L2MissNotification" boolValues)
(assertValueOneOf "L3MissNotification" boolValues)
(assertValueOneOf "RouteShortCircuit" boolValues)
(assertValueOneOf "UDPChecksum" boolValues)
(assertValueOneOf "UDP6ZeroChecksumTx" boolValues)
(assertValueOneOf "UDP6ZeroChecksumRx" boolValues)
(assertValueOneOf "RemoteChecksumTx" boolValues)
(assertValueOneOf "RemoteChecksumRx" boolValues)
(assertValueOneOf "GroupPolicyExtension" boolValues)
(assertValueOneOf "GenericProtocolExtension" boolValues)
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "FlowLabel")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertRange "FlowLabel" 0 1048575)
(assertValueOneOf "IPDoNotFragment" (boolValues + ["inherit"]))
];
sectionTunnel = checkUnitConfig "Tunnel" [
(assertOnlyFields [
"Local"
"Remote"
"TOS"
"TTL"
"DiscoverPathMTU"
"IPv6FlowLabel"
"CopyDSCP"
"EncapsulationLimit"
"Key"
"InputKey"
"OutputKey"
"Mode"
"Independent"
"AssignToLoopback"
"AllowLocalRemote"
"FooOverUDP"
"FOUDestinationPort"
"FOUSourcePort"
"Encapsulation"
"IPv6RapidDeploymentPrefix"
"ISATAP"
"SerializeTunneledPackets"
"ERSPANIndex"
])
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "TTL")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertRange "TTL" 0 255)
(assertValueOneOf "DiscoverPathMTU" boolValues)
(assertValueOneOf "CopyDSCP" boolValues)
(assertValueOneOf "Mode" ["ip6ip6" "ipip6" "any"])
(assertValueOneOf "Independent" boolValues)
(assertValueOneOf "AssignToLoopback" boolValues)
(assertValueOneOf "AllowLocalRemote" boolValues)
(assertValueOneOf "FooOverUDP" boolValues)
(assertPort "FOUDestinationPort")
(assertPort "FOUSourcePort")
(assertValueOneOf "Encapsulation" ["FooOverUDP" "GenericUDPEncapsulation"])
(assertValueOneOf "ISATAP" boolValues)
(assertValueOneOf "SerializeTunneledPackets" boolValues)
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "ERSPANIndex")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertRange "ERSPANIndex" 1 1048575)
];
sectionPeer = checkUnitConfig "Peer" [
(assertOnlyFields [
"Name"
"MACAddress"
])
(assertMacAddress "MACAddress")
];
sectionTun = checkUnitConfig "Tun" tunChecks;
sectionTap = checkUnitConfig "Tap" tunChecks;
# NOTE The PrivateKey directive is missing on purpose here, please
# do not add it to this list. The nix store is world-readable let's
# refrain ourselves from providing a footgun.
sectionWireGuard = checkUnitConfig "WireGuard" [
(assertOnlyFields [
"PrivateKeyFile"
"ListenPort"
"FirewallMark"
])
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "FirewallMark")
(assertRange "FirewallMark" 1 4294967295)
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
];
# NOTE The PresharedKey directive is missing on purpose here, please
# do not add it to this list. The nix store is world-readable,let's
# refrain ourselves from providing a footgun.
sectionWireGuardPeer = checkUnitConfig "WireGuardPeer" [
(assertOnlyFields [
"PublicKey"
"PresharedKeyFile"
"AllowedIPs"
"Endpoint"
"PersistentKeepalive"
])
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "PersistentKeepalive")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertRange "PersistentKeepalive" 0 65535)
];
sectionBond = checkUnitConfig "Bond" [
(assertOnlyFields [
"Mode"
"TransmitHashPolicy"
"LACPTransmitRate"
"MIIMonitorSec"
"UpDelaySec"
"DownDelaySec"
"LearnPacketIntervalSec"
"AdSelect"
"AdActorSystemPriority"
"AdUserPortKey"
"AdActorSystem"
"FailOverMACPolicy"
"ARPValidate"
"ARPIntervalSec"
"ARPIPTargets"
"ARPAllTargets"
"PrimaryReselectPolicy"
"ResendIGMP"
"PacketsPerSlave"
"GratuitousARP"
"AllSlavesActive"
"DynamicTransmitLoadBalancing"
"MinLinks"
])
(assertValueOneOf "Mode" [
"balance-rr"
"active-backup"
"balance-xor"
"broadcast"
"802.3ad"
"balance-tlb"
"balance-alb"
])
(assertValueOneOf "TransmitHashPolicy" [
"layer2"
"layer3+4"
"layer2+3"
"encap2+3"
"encap3+4"
])
(assertValueOneOf "LACPTransmitRate" ["slow" "fast"])
(assertValueOneOf "AdSelect" ["stable" "bandwidth" "count"])
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "AdActorSystemPriority")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertRange "AdActorSystemPriority" 1 65535)
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "AdUserPortKey")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertRange "AdUserPortKey" 0 1023)
(assertValueOneOf "FailOverMACPolicy" ["none" "active" "follow"])
(assertValueOneOf "ARPValidate" ["none" "active" "backup" "all"])
(assertValueOneOf "ARPAllTargets" ["any" "all"])
(assertValueOneOf "PrimaryReselectPolicy" ["always" "better" "failure"])
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "ResendIGMP")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertRange "ResendIGMP" 0 255)
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "PacketsPerSlave")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertRange "PacketsPerSlave" 0 65535)
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "GratuitousARP")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertRange "GratuitousARP" 0 255)
(assertValueOneOf "AllSlavesActive" boolValues)
(assertValueOneOf "DynamicTransmitLoadBalancing" boolValues)
(assertInt "MinLinks")
(assertMinimum "MinLinks" 0)
];
sectionXfrm = checkUnitConfig "Xfrm" [
(assertOnlyFields [
"InterfaceId"
"Independent"
])
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "InterfaceId")
(assertRange "InterfaceId" 1 4294967295)
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertValueOneOf "Independent" boolValues)
];
sectionVRF = checkUnitConfig "VRF" [
(assertOnlyFields [
"Table"
])
(assertInt "Table")
(assertMinimum "Table" 0)
];
};
network = {
sectionLink = checkUnitConfig "Link" [
(assertOnlyFields [
"MACAddress"
"MTUBytes"
"ARP"
"Multicast"
"AllMulticast"
"Unmanaged"
"RequiredForOnline"
])
(assertMacAddress "MACAddress")
(assertByteFormat "MTUBytes")
(assertValueOneOf "ARP" boolValues)
(assertValueOneOf "Multicast" boolValues)
(assertValueOneOf "AllMulticast" boolValues)
(assertValueOneOf "Unmanaged" boolValues)
(assertValueOneOf "RequiredForOnline" (boolValues ++ [
"missing"
"off"
"no-carrier"
"dormant"
"degraded-carrier"
"carrier"
"degraded"
"enslaved"
"routable"
]))
];
sectionNetwork = checkUnitConfig "Network" [
(assertOnlyFields [
"Description"
"DHCP"
"DHCPServer"
"LinkLocalAddressing"
"IPv4LLRoute"
"DefaultRouteOnDevice"
"IPv6Token"
"LLMNR"
"MulticastDNS"
"DNSOverTLS"
"DNSSEC"
"DNSSECNegativeTrustAnchors"
"LLDP"
"EmitLLDP"
"BindCarrier"
"Address"
"Gateway"
"DNS"
"Domains"
"DNSDefaultRoute"
"NTP"
"IPForward"
"IPMasquerade"
"IPv6PrivacyExtensions"
"IPv6AcceptRA"
"IPv6DuplicateAddressDetection"
"IPv6HopLimit"
"IPv4ProxyARP"
"IPv6ProxyNDP"
"IPv6ProxyNDPAddress"
"IPv6PrefixDelegation"
"IPv6MTUBytes"
"Bridge"
"Bond"
"VRF"
"VLAN"
"IPVLAN"
"MACVLAN"
"VXLAN"
"Tunnel"
"MACsec"
"ActiveSlave"
"PrimarySlave"
"ConfigureWithoutCarrier"
"IgnoreCarrierLoss"
"Xfrm"
"KeepConfiguration"
])
# Note: For DHCP the values both, none, v4, v6 are deprecated
(assertValueOneOf "DHCP" ["yes" "no" "ipv4" "ipv6"])
(assertValueOneOf "DHCPServer" boolValues)
(assertValueOneOf "LinkLocalAddressing" ["yes" "no" "ipv4" "ipv6" "fallback" "ipv4-fallback"])
(assertValueOneOf "IPv4LLRoute" boolValues)
(assertValueOneOf "DefaultRouteOnDevice" boolValues)
(assertValueOneOf "LLMNR" (boolValues ++ ["resolve"]))
(assertValueOneOf "MulticastDNS" (boolValues ++ ["resolve"]))
(assertValueOneOf "DNSOverTLS" (boolValues ++ ["opportunistic"]))
(assertValueOneOf "DNSSEC" (boolValues ++ ["allow-downgrade"]))
(assertValueOneOf "LLDP" (boolValues ++ ["routers-only"]))
(assertValueOneOf "EmitLLDP" (boolValues ++ ["nearest-bridge" "non-tpmr-bridge" "customer-bridge"]))
(assertValueOneOf "DNSDefaultRoute" boolValues)
(assertValueOneOf "IPForward" (boolValues ++ ["ipv4" "ipv6"]))
(assertValueOneOf "IPMasquerade" boolValues)
(assertValueOneOf "IPv6PrivacyExtensions" (boolValues ++ ["prefer-public" "kernel"]))
(assertValueOneOf "IPv6AcceptRA" boolValues)
(assertInt "IPv6DuplicateAddressDetection")
(assertMinimum "IPv6DuplicateAddressDetection" 0)
(assertInt "IPv6HopLimit")
(assertMinimum "IPv6HopLimit" 0)
(assertValueOneOf "IPv4ProxyARP" boolValues)
(assertValueOneOf "IPv6ProxyNDP" boolValues)
(assertValueOneOf "IPv6PrefixDelegation" ["static" "dhcpv6" "yes" "false"])
(assertByteFormat "IPv6MTUBytes")
(assertValueOneOf "ActiveSlave" boolValues)
(assertValueOneOf "PrimarySlave" boolValues)
(assertValueOneOf "ConfigureWithoutCarrier" boolValues)
(assertValueOneOf "IgnoreCarrierLoss" boolValues)
(assertValueOneOf "KeepConfiguration" (boolValues ++ ["static" "dhcp-on-stop" "dhcp"]))
];
sectionAddress = checkUnitConfig "Address" [
(assertOnlyFields [
"Address"
"Peer"
"Broadcast"
"Label"
"PreferredLifetime"
"Scope"
"HomeAddress"
"DuplicateAddressDetection"
"ManageTemporaryAddress"
"AddPrefixRoute"
"AutoJoin"
])
(assertHasField "Address")
(assertValueOneOf "PreferredLifetime" ["forever" "infinity" "0" 0])
(assertValueOneOf "HomeAddress" boolValues)
(assertValueOneOf "DuplicateAddressDetection" ["ipv4" "ipv6" "both" "none"])
(assertValueOneOf "ManageTemporaryAddress" boolValues)
(assertValueOneOf "AddPrefixRoute" boolValues)
(assertValueOneOf "AutoJoin" boolValues)
];
sectionRoutingPolicyRule = checkUnitConfig "RoutingPolicyRule" [
(assertOnlyFields [
"TypeOfService"
"From"
"To"
"FirewallMark"
"Table"
"Priority"
"IncomingInterface"
"OutgoingInterface"
"SourcePort"
"DestinationPort"
"IPProtocol"
"InvertRule"
"Family"
"User"
"SuppressPrefixLength"
])
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "TypeOfService")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertRange "TypeOfService" 0 255)
(assertInt "FirewallMark")
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertRange "FirewallMark" 1 4294967295)
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertInt "Priority")
(assertPort "SourcePort")
(assertPort "DestinationPort")
(assertValueOneOf "InvertRule" boolValues)
(assertValueOneOf "Family" ["ipv4" "ipv6" "both"])
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertInt "SuppressPrefixLength")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertRange "SuppressPrefixLength" 0 128)
];
sectionRoute = checkUnitConfig "Route" [
(assertOnlyFields [
"Gateway"
"GatewayOnLink"
"Destination"
"Source"
"Metric"
"IPv6Preference"
"Scope"
"PreferredSource"
"Table"
"Protocol"
"Type"
"InitialCongestionWindow"
"InitialAdvertisedReceiveWindow"
"QuickAck"
"FastOpenNoCookie"
"TTLPropagate"
"MTUBytes"
"IPServiceType"
"MultiPathRoute"
])
(assertValueOneOf "GatewayOnLink" boolValues)
(assertInt "Metric")
(assertValueOneOf "IPv6Preference" ["low" "medium" "high"])
(assertValueOneOf "Scope" ["global" "site" "link" "host" "nowhere"])
(assertValueOneOf "Type" [
"unicast"
"local"
"broadcast"
"anycast"
"multicast"
"blackhole"
"unreachable"
"prohibit"
"throw"
"nat"
"xresolve"
])
(assertValueOneOf "QuickAck" boolValues)
(assertValueOneOf "FastOpenNoCookie" boolValues)
(assertValueOneOf "TTLPropagate" boolValues)
(assertByteFormat "MTUBytes")
(assertValueOneOf "IPServiceType" ["CS6" "CS4"])
];
sectionDHCPv4 = checkUnitConfig "DHCPv4" [
(assertOnlyFields [
"UseDNS"
"RoutesToDNS"
"UseNTP"
"UseSIP"
"UseMTU"
"Anonymize"
"SendHostname"
"UseHostname"
"Hostname"
"UseDomains"
"UseRoutes"
"UseTimezone"
"ClientIdentifier"
"VendorClassIdentifier"
"UserClass"
"MaxAttempts"
"DUIDType"
"DUIDRawData"
"IAID"
"RequestBroadcast"
"RouteMetric"
"RouteTable"
"RouteMTUBytes"
"ListenPort"
"SendRelease"
"SendDecline"
"BlackList"
"RequestOptions"
"SendOption"
])
(assertValueOneOf "UseDNS" boolValues)
(assertValueOneOf "RoutesToDNS" boolValues)
(assertValueOneOf "UseNTP" boolValues)
(assertValueOneOf "UseSIP" boolValues)
(assertValueOneOf "UseMTU" boolValues)
(assertValueOneOf "Anonymize" boolValues)
(assertValueOneOf "SendHostname" boolValues)
(assertValueOneOf "UseHostname" boolValues)
(assertValueOneOf "UseDomains" (boolValues ++ ["route"]))
(assertValueOneOf "UseRoutes" boolValues)
(assertValueOneOf "UseTimezone" boolValues)
(assertValueOneOf "ClientIdentifier" ["mac" "duid" "duid-only"])
(assertInt "IAID")
(assertValueOneOf "RequestBroadcast" boolValues)
(assertInt "RouteMetric")
(assertInt "RouteTable")
nixos/networkd: use assertRange with 64bits integers
2020-07-09 10:12:22 +02:00
(assertRange "RouteTable" 0 4294967295)
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
(assertByteFormat "RouteMTUBytes")
(assertPort "ListenPort")
(assertValueOneOf "SendRelease" boolValues)
(assertValueOneOf "SendDecline" boolValues)
];
sectionDHCPv6 = checkUnitConfig "DHCPv6" [
(assertOnlyFields [
"UseDNS"
"UseNTP"
"RapidCommit"
"ForceDHCPv6PDOtherInformation"
"PrefixDelegationHint"
nixos/networkd: allow RouteMetric= in [DHCPv6] section
2020-10-29 19:47:42 +01:00
"RouteMetric"
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
])
(assertValueOneOf "UseDNS" boolValues)
(assertValueOneOf "UseNTP" boolValues)
(assertValueOneOf "RapidCommit" boolValues)
(assertValueOneOf "ForceDHCPv6PDOtherInformation" boolValues)
nixos/networkd: allow RouteMetric= in [DHCPv6] section
2020-10-29 19:47:42 +01:00
(assertInt "RouteMetric")
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
];
sectionDHCPServer = checkUnitConfig "DHCPServer" [
(assertOnlyFields [
"PoolOffset"
"PoolSize"
"DefaultLeaseTimeSec"
"MaxLeaseTimeSec"
"EmitDNS"
"DNS"
"EmitNTP"
"NTP"
"EmitSIP"
"SIP"
"EmitRouter"
"EmitTimezone"
"Timezone"
"SendOption"
])
(assertInt "PoolOffset")
(assertMinimum "PoolOffset" 0)
(assertInt "PoolSize")
(assertMinimum "PoolSize" 0)
(assertValueOneOf "EmitDNS" boolValues)
(assertValueOneOf "EmitNTP" boolValues)
(assertValueOneOf "EmitSIP" boolValues)
(assertValueOneOf "EmitRouter" boolValues)
(assertValueOneOf "EmitTimezone" boolValues)
];
sectionIPv6PrefixDelegation = checkUnitConfig "IPv6PrefixDelegation" [
(assertOnlyFields [
"Managed"
"OtherInformation"
"RouterLifetimeSec"
"RouterPreference"
"EmitDNS"
"DNS"
"EmitDomains"
"Domains"
"DNSLifetimeSec"
])
(assertValueOneOf "Managed" boolValues)
(assertValueOneOf "OtherInformation" boolValues)
(assertValueOneOf "RouterPreference" ["high" "medium" "low" "normal" "default"])
(assertValueOneOf "EmitDNS" boolValues)
(assertValueOneOf "EmitDomains" boolValues)
];
sectionIPv6Prefix = checkUnitConfig "IPv6Prefix" [
(assertOnlyFields [
"AddressAutoconfiguration"
"OnLink"
"Prefix"
"PreferredLifetimeSec"
"ValidLifetimeSec"
])
(assertValueOneOf "AddressAutoconfiguration" boolValues)
(assertValueOneOf "OnLink" boolValues)
];
};
};
nixos/systemd-networkd: allow [Link] section in .network files
2017-07-27 19:49:56 +02:00
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
commonNetworkOptions = {
enable = mkOption {
networkd: Fix disabled networkd units. In f8dbe5f, the default value for networking unit "enabled" option suddenly flipped to false. I have no idea of whether this happened by accident, but I'm setting it to true again, because it essentially breaks systemd networking support and we have systemd.network.enable to have a "turn the world off" switch. And of course, because the mentioned commit obviously wasn't done with even a run of the simplest run of one of the network VM tests, we now get an evaluation error if we switch useNetworkd to true. Fixes the core issue of #7505. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-30 06:20:54 +02:00
default = true;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
type = types.bool;
description = ''
Whether to manage network configuration using <command>systemd-network</command>.
'';
};
matchConfig = mkOption {
default = {};
example = { Name = "eth0"; };
type = types.attrsOf unitOption;
description = ''
Each attribute in this set specifies an option in the
<literal>[Match]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>
<citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details.
'';
};
networkd: add extraConfig to all units networkd options are always correct or up to date. This option allows to by pass type checking. It is also easier to write because examples can be just copy and paste from manpages.
2016-12-17 12:03:40 +01:00
extraConfig = mkOption {
default = "";
type = types.lines;
description = "Extra configuration append to unit";
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
};
linkOptions = commonNetworkOptions // {
nixos/networkd: respect systemd.network.links also with disabled systemd-networkd This mirrors the behaviour of systemd - It's udev that parses `.link` files, not `systemd-networkd`. This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d, but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing evaluation errors on hydra.
2020-03-11 00:24:50 +01:00
# overwrite enable option from above
enable = mkOption {
default = true;
type = types.bool;
description = ''
Whether to enable this .link unit. It's handled by udev no matter if <command>systemd-networkd</command> is enabled or not
'';
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
linkConfig = mkOption {
default = {};
example = { MACAddress = "00:ff:ee:aa:cc:dd"; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.link.sectionLink;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
Each attribute in this set specifies an option in the
<literal>[Link]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.link</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
wireguardPeerOptions = {
options = {
wireguardPeerConfig = mkOption {
default = {};
example = { };
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionWireGuardPeer;
description = ''
Each attribute in this set specifies an option in the
<literal>[WireGuardPeer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
netdevOptions = commonNetworkOptions // {
netdevConfig = mkOption {
default = {};
example = { Name = "mybridge"; Kind = "bridge"; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionNetdev;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
Each attribute in this set specifies an option in the
<literal>[Netdev]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vlanConfig = mkOption {
default = {};
nixos/networkd: fix systemd.network.netdevs.<name>.vlanConfig.Id example This is passed as integer, not string. Closes https://github.com/NixOS/nixpkgs/issues/91172.
2020-07-08 20:43:17 +02:00
example = { Id = 4; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionVLAN;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
Each attribute in this set specifies an option in the
<literal>[VLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
macvlanConfig = mkOption {
default = {};
example = { Mode = "private"; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionMACVLAN;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
Each attribute in this set specifies an option in the
<literal>[MACVLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vxlanConfig = mkOption {
default = {};
example = { Id = "4"; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionVXLAN;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
Each attribute in this set specifies an option in the
<literal>[VXLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunnelConfig = mkOption {
default = {};
example = { Remote = "192.168.1.1"; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionTunnel;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
Each attribute in this set specifies an option in the
<literal>[Tunnel]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
peerConfig = mkOption {
default = {};
example = { Name = "veth2"; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionPeer;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
Each attribute in this set specifies an option in the
<literal>[Peer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunConfig = mkOption {
default = {};
example = { User = "openvpn"; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionTun;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
Each attribute in this set specifies an option in the
<literal>[Tun]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tapConfig = mkOption {
default = {};
example = { User = "openvpn"; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionTap;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
Each attribute in this set specifies an option in the
<literal>[Tap]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
wireguardConfig = mkOption {
default = {};
example = {
PrivateKeyFile = "/etc/wireguard/secret.key";
ListenPort = 51820;
FwMark = 42;
};
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionWireGuard;
description = ''
Each attribute in this set specifies an option in the
<literal>[WireGuard]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
Use <literal>PrivateKeyFile</literal> instead of
<literal>PrivateKey</literal>: the nix store is
world-readable.
'';
};
wireguardPeers = mkOption {
default = [];
example = [ { wireguardPeerConfig={
Endpoint = "192.168.1.1:51820";
PublicKey = "27s0OvaBBdHoJYkH9osZpjpgSOVNw+RaKfboT/Sfq0g=";
PresharedKeyFile = "/etc/wireguard/psk.key";
AllowedIPs = [ "10.0.0.1/32" ];
PersistentKeepalive = 15;
};}];
type = with types; listOf (submodule wireguardPeerOptions);
description = ''
Each item in this array specifies an option in the
<literal>[WireGuardPeer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
Use <literal>PresharedKeyFile</literal> instead of
<literal>PresharedKey</literal>: the nix store is
world-readable.
'';
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
bondConfig = mkOption {
default = {};
example = { Mode = "802.3ad"; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionBond;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
Each attribute in this set specifies an option in the
<literal>[Bond]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
systemd-networkd: add configuration for XFRM interfaces
2020-01-14 10:37:52 +01:00
xfrmConfig = mkOption {
default = {};
example = { InterfaceId = 1; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionXfrm;
systemd-networkd: add configuration for XFRM interfaces
2020-01-14 10:37:52 +01:00
description = ''
Each attribute in this set specifies an option in the
<literal>[Xfrm]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
vrfConfig = mkOption {
default = {};
example = { Table = 2342; };
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionVRF;
description = ''
Each attribute in this set specifies an option in the
<literal>[VRF]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
A detailed explanation about how VRFs work can be found in the
<link xlink:href="https://www.kernel.org/doc/Documentation/networking/vrf.txt">kernel
docs</link>.
'';
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
};
addressOptions = {
networkd module: fix submodule options declaration
2016-10-03 13:02:42 +09:00
options = {
addressConfig = mkOption {
default = {};
example = { Address = "192.168.0.100/24"; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.network.sectionAddress;
networkd module: fix submodule options declaration
2016-10-03 13:02:42 +09:00
description = ''
Each attribute in this set specifies an option in the
<literal>[Address]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
};
};
nixos/networkd: Add the RoutingPolicyRule-related options
2020-02-29 18:17:27 +01:00
routingPolicyRulesOptions = {
options = {
routingPolicyRuleConfig = mkOption {
default = { };
nixos/networkd: test routingPolicyRules with a nixos vm test
2020-02-29 19:34:48 +01:00
example = { routingPolicyRuleConfig = { Table = 10; IncomingInterface = "eth1"; Family = "both"; } ;};
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.network.sectionRoutingPolicyRule;
nixos/networkd: Add the RoutingPolicyRule-related options
2020-02-29 18:17:27 +01:00
description = ''
Each attribute in this set specifies an option in the
<literal>[RoutingPolicyRule]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
routeOptions = {
networkd module: fix submodule options declaration
2016-10-03 13:02:42 +09:00
options = {
routeConfig = mkOption {
default = {};
example = { Gateway = "192.168.0.1"; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.network.sectionRoute;
networkd module: fix submodule options declaration
2016-10-03 13:02:42 +09:00
description = ''
Each attribute in this set specifies an option in the
<literal>[Route]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
};
};
nixos/networkd: add ipv6Prefix
2020-03-07 15:06:58 +01:00
ipv6PrefixOptions = {
options = {
ipv6PrefixConfig = mkOption {
default = {};
example = { Prefix = "fd00::/64"; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.network.sectionIPv6Prefix;
nixos/networkd: add ipv6Prefix
2020-03-07 15:06:58 +01:00
description = ''
Each attribute in this set specifies an option in the
<literal>[IPv6Prefix]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
networkOptions = commonNetworkOptions // {
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
linkConfig = mkOption {
default = {};
example = { Unmanaged = true; };
type = types.addCheck (types.attrsOf unitOption) check.network.sectionLink;
description = ''
Each attribute in this set specifies an option in the
<literal>[Link]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
networkConfig = mkOption {
default = {};
example = { Description = "My Network"; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.network.sectionNetwork;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
Each attribute in this set specifies an option in the
<literal>[Network]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
nixos/networkd: rename the networkd dhcpConfig option to dhcpV4Config This follows upstreams change in documentation. While the `[DHCP]` section might still work it is undocumented and we should probably not be using it anymore. Users can just upgrade to the new option without much hassle. I had to create a bit of custom module deprecation code since the usual approach doesn't support wildcards in the path.
2020-01-08 20:18:26 +01:00
# systemd.network.networks.*.dhcpConfig has been deprecated in favor of ….dhcpV4Config
# Produce a nice warning message so users know it is gone.
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
dhcpConfig = mkOption {
nixos/networkd: rename the networkd dhcpConfig option to dhcpV4Config This follows upstreams change in documentation. While the `[DHCP]` section might still work it is undocumented and we should probably not be using it anymore. Users can just upgrade to the new option without much hassle. I had to create a bit of custom module deprecation code since the usual approach doesn't support wildcards in the path.
2020-01-08 20:18:26 +01:00
visible = false;
apply = _: throw "The option `systemd.network.networks.*.dhcpConfig` can no longer be used since it's been removed. Please use `systemd.network.networks.*.dhcpV4Config` instead.";
};
dhcpV4Config = mkOption {
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
default = {};
example = { UseDNS = true; UseRoutes = true; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.network.sectionDHCPv4;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
Each attribute in this set specifies an option in the
nixos/networkd: rename the networkd dhcpConfig option to dhcpV4Config This follows upstreams change in documentation. While the `[DHCP]` section might still work it is undocumented and we should probably not be using it anymore. Users can just upgrade to the new option without much hassle. I had to create a bit of custom module deprecation code since the usual approach doesn't support wildcards in the path.
2020-01-08 20:18:26 +01:00
<literal>[DHCPv4]</literal> section of the unit. See
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
nixos/networkd: introduce the DHCPv6 network section eqivalent You can now specify option for the `[DHCPv6]` section with `systemd.network.<name>.dhcpV6Config.…`. Previously you could only use the combined legacy DHCP configuration.
2020-01-08 20:15:09 +01:00
dhcpV6Config = mkOption {
default = {};
example = { UseDNS = true; UseRoutes = true; };
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
type = types.addCheck (types.attrsOf unitOption) check.network.sectionDHCPv6;
nixos/networkd: introduce the DHCPv6 network section eqivalent You can now specify option for the `[DHCPv6]` section with `systemd.network.<name>.dhcpV6Config.…`. Previously you could only use the combined legacy DHCP configuration.
2020-01-08 20:15:09 +01:00
description = ''
Each attribute in this set specifies an option in the
<literal>[DHCPv6]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
dhcpServerConfig = mkOption {
nixos/networkd: add ipv6PrefixDelegationConfig to networkd
2020-03-07 14:44:46 +01:00
default = {};
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
example = { PoolOffset = 50; EmitDNS = false; };
type = types.addCheck (types.attrsOf unitOption) check.network.sectionDHCPServer;
nixos/networkd: add ipv6PrefixDelegationConfig to networkd
2020-03-07 14:44:46 +01:00
description = ''
Each attribute in this set specifies an option in the
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
<literal>[DHCPServer]</literal> section of the unit. See
nixos/networkd: add ipv6Prefix
2020-03-07 15:06:58 +01:00
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
ipv6PrefixDelegationConfig = mkOption {
networkd: add DHCPServer config section
2015-12-23 06:04:39 +01:00
default = {};
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
example = { EmitDNS = true; Managed = true; OtherInformation = true; };
type = types.addCheck (types.attrsOf unitOption) check.network.sectionIPv6PrefixDelegation;
networkd: add DHCPServer config section
2015-12-23 06:04:39 +01:00
description = ''
Each attribute in this set specifies an option in the
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
<literal>[IPv6PrefixDelegation]</literal> section of the unit. See
networkd: add DHCPServer config section
2015-12-23 06:04:39 +01:00
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
ipv6Prefixes = mkOption {
default = [];
example = { AddressAutoconfiguration = true; OnLink = true; };
type = with types; listOf (submodule ipv6PrefixOptions);
nixos/systemd-networkd: allow [Link] section in .network files
2017-07-27 19:49:56 +02:00
description = ''
nixos/networkd: reoder code to match networkd documentation
2020-07-01 18:05:32 +02:00
A list of ipv6Prefix sections to be added to the unit. See
nixos/systemd-networkd: allow [Link] section in .network files
2017-07-27 19:49:56 +02:00
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
name = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The name of the network interface to match against.
'';
};
DHCP = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Whether to enable DHCP on the interfaces matched.
'';
};
domains = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
description = ''
A list of domains to pass to the network config.
'';
};
address = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of addresses to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
gateway = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of gateways to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
dns = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of dns servers to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
ntp = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of ntp servers to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
nixos/networkd: add missing options
2018-07-30 09:22:33 +02:00
bridge = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of bridge interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
bond = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of bond interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vrf = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of vrf interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
vlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of vlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
macvlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of macvlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vxlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of vxlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunnel = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of tunnel interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
systemd-networkd: add configuration for XFRM interfaces
2020-01-14 10:37:52 +01:00
xfrm = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of xfrm interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
addresses = mkOption {
default = [ ];
networkd module: fix submodule options declaration
2016-10-03 13:02:42 +09:00
type = with types; listOf (submodule addressOptions);
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
A list of address sections to be added to the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
nixos/networkd: Add the RoutingPolicyRule-related options
2020-02-29 18:17:27 +01:00
routingPolicyRules = mkOption {
default = [ ];
type = with types; listOf (submodule routingPolicyRulesOptions);
description = ''
A list of routing policy rules sections to be added to the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
routes = mkOption {
default = [ ];
networkd module: fix submodule options declaration
2016-10-03 13:02:42 +09:00
type = with types; listOf (submodule routeOptions);
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = ''
A list of route sections to be added to the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
[bot] nixos/*: remove unused arguments in lambdas
2018-07-20 20:56:59 +00:00
networkConfig = { config, ... }: {
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
config = {
matchConfig = optionalAttrs (config.name != null) {
Name = config.name;
};
networkConfig = optionalAttrs (config.DHCP != null) {
DHCP = config.DHCP;
} // optionalAttrs (config.domains != null) {
Domains = concatStringsSep " " config.domains;
};
};
};
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
commonMatchText = def: optionalString (def.matchConfig != { }) ''
networkd: Fix evaluation of systemd.network units. During the refactor of the networkd stuff in f8dbe5f, a lot of the options are now needed by systemd.nix as well as networkd.nix but weren't moved by that commit as well. For now, this fixes all networkd VM tests except for the macvlan one and thus it should fix #7505 for at least DHCP-based configuration. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-30 06:44:25 +02:00
[Match]
${attrsToSection def.matchConfig}
'';
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
linkToUnit = name: def:
{ inherit (def) enable;
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
text = commonMatchText def
+ ''
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
[Link]
${attrsToSection def.linkConfig}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ def.extraConfig;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
};
netdevToUnit = name: def:
{ inherit (def) enable;
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
text = commonMatchText def
+ ''
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
[NetDev]
${attrsToSection def.netdevConfig}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ optionalString (def.vlanConfig != { }) ''
[VLAN]
${attrsToSection def.vlanConfig}
''
+ optionalString (def.macvlanConfig != { }) ''
[MACVLAN]
${attrsToSection def.macvlanConfig}
''
+ optionalString (def.vxlanConfig != { }) ''
[VXLAN]
${attrsToSection def.vxlanConfig}
''
+ optionalString (def.tunnelConfig != { }) ''
[Tunnel]
${attrsToSection def.tunnelConfig}
''
+ optionalString (def.peerConfig != { }) ''
[Peer]
${attrsToSection def.peerConfig}
''
+ optionalString (def.tunConfig != { }) ''
[Tun]
${attrsToSection def.tunConfig}
''
+ optionalString (def.tapConfig != { }) ''
[Tap]
${attrsToSection def.tapConfig}
''
+ optionalString (def.wireguardConfig != { }) ''
[WireGuard]
${attrsToSection def.wireguardConfig}
''
+ flip concatMapStrings def.wireguardPeers (x: ''
[WireGuardPeer]
${attrsToSection x.wireguardPeerConfig}
'')
+ optionalString (def.bondConfig != { }) ''
[Bond]
${attrsToSection def.bondConfig}
''
+ optionalString (def.xfrmConfig != { }) ''
[Xfrm]
${attrsToSection def.xfrmConfig}
''
+ optionalString (def.vrfConfig != { }) ''
[VRF]
${attrsToSection def.vrfConfig}
''
+ def.extraConfig;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
};
networkToUnit = name: def:
{ inherit (def) enable;
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
text = commonMatchText def
+ optionalString (def.linkConfig != { }) ''
[Link]
${attrsToSection def.linkConfig}
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
''
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
+ ''
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
[Network]
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ attrsToSection def.networkConfig
+ optionalString (def.address != [ ]) ''
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
${concatStringsSep "\n" (map (s: "Address=${s}") def.address)}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ optionalString (def.gateway != [ ]) ''
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
${concatStringsSep "\n" (map (s: "Gateway=${s}") def.gateway)}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ optionalString (def.dns != [ ]) ''
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
${concatStringsSep "\n" (map (s: "DNS=${s}") def.dns)}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ optionalString (def.ntp != [ ]) ''
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
${concatStringsSep "\n" (map (s: "NTP=${s}") def.ntp)}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ optionalString (def.bridge != [ ]) ''
nixos/networkd: add missing options
2018-07-30 09:22:33 +02:00
${concatStringsSep "\n" (map (s: "Bridge=${s}") def.bridge)}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ optionalString (def.bond != [ ]) ''
nixos/networkd: add missing options
2018-07-30 09:22:33 +02:00
${concatStringsSep "\n" (map (s: "Bond=${s}") def.bond)}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ optionalString (def.vrf != [ ]) ''
nixos/networkd: add missing options
2018-07-30 09:22:33 +02:00
${concatStringsSep "\n" (map (s: "VRF=${s}") def.vrf)}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ optionalString (def.vlan != [ ]) ''
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
${concatStringsSep "\n" (map (s: "VLAN=${s}") def.vlan)}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ optionalString (def.macvlan != [ ]) ''
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
${concatStringsSep "\n" (map (s: "MACVLAN=${s}") def.macvlan)}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ optionalString (def.vxlan != [ ]) ''
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
${concatStringsSep "\n" (map (s: "VXLAN=${s}") def.vxlan)}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ optionalString (def.tunnel != [ ]) ''
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
${concatStringsSep "\n" (map (s: "Tunnel=${s}") def.tunnel)}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ optionalString (def.xfrm != [ ]) ''
systemd-networkd: add configuration for XFRM interfaces
2020-01-14 10:37:52 +01:00
${concatStringsSep "\n" (map (s: "Xfrm=${s}") def.xfrm)}
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ ''
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
nixos/networkd: delete unnecessary new lines in config files
2020-07-01 19:27:49 +02:00
''
+ flip concatMapStrings def.addresses (x: ''
[Address]
${attrsToSection x.addressConfig}
'')
+ flip concatMapStrings def.routingPolicyRules (x: ''
[RoutingPolicyRule]
${attrsToSection x.routingPolicyRuleConfig}
'')
+ flip concatMapStrings def.routes (x: ''
[Route]
${attrsToSection x.routeConfig}
'')
+ optionalString (def.dhcpV4Config != { }) ''
[DHCPv4]
${attrsToSection def.dhcpV4Config}
''
+ optionalString (def.dhcpV6Config != { }) ''
[DHCPv6]
${attrsToSection def.dhcpV6Config}
''
+ optionalString (def.dhcpServerConfig != { }) ''
[DHCPServer]
${attrsToSection def.dhcpServerConfig}
''
+ optionalString (def.ipv6PrefixDelegationConfig != { }) ''
[IPv6PrefixDelegation]
${attrsToSection def.ipv6PrefixDelegationConfig}
''
+ flip concatMapStrings def.ipv6Prefixes (x: ''
[IPv6Prefix]
${attrsToSection x.ipv6PrefixConfig}
'')
+ def.extraConfig;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
};
treewide: use attrs instead of list for types.loaOf options
2019-09-14 19:51:29 +02:00
unitFiles = listToAttrs (map (name: {
name = "systemd/network/${name}";
value.source = "${cfg.units.${name}.unit}/${name}";
}) (attrNames cfg.units));
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
in
{
options = {
systemd.network.enable = mkOption {
default = false;
type = types.bool;
description = ''
Whether to enable networkd or not.
'';
};
systemd.network.links = mkOption {
default = {};
networkd module: fix submodule options declaration
2016-10-03 13:02:42 +09:00
type = with types; attrsOf (submodule [ { options = linkOptions; } ]);
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = "Definition of systemd network links.";
};
systemd.network.netdevs = mkOption {
default = {};
networkd module: fix submodule options declaration
2016-10-03 13:02:42 +09:00
type = with types; attrsOf (submodule [ { options = netdevOptions; } ]);
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = "Definition of systemd network devices.";
};
systemd.network.networks = mkOption {
default = {};
networkd module: fix submodule options declaration
2016-10-03 13:02:42 +09:00
type = with types; attrsOf (submodule [ { options = networkOptions; } networkConfig ]);
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
description = "Definition of systemd networks.";
};
systemd.network.units = mkOption {
description = "Definition of networkd units.";
default = {};
nixos/networkd: mark `units` option as internal The options at `systemd.network` (`links`, `netdevs` and `networks`) are directly mapped to the three different unit types of `systemd-networkd(8)`. However there's also the option `systemd.network.units` which is basically used as a container for generated unit-configs that are linked to `/etc/systemd/networkd`[1]. This should not be exposed to the user as it's unclear whether or not it should be used directly which can be pretty confusing which is why I decided to declare this option as internal (including all sub-options as `internal` doesn't seem to be propagated to submodules). [1] https://github.com/NixOS/nixpkgs/blob/9db75ed88fd87e17ec448ad7a43b62acb4842854/nixos/modules/system/boot/networkd.nix#L933-L937
2019-11-29 12:50:51 +01:00
internal = true;
networkd module: optionSet -> submodule
2016-09-13 12:56:05 +09:00
type = with types; attrsOf (submodule (
{ name, config, ... }:
nixos/networkd: mark `units` option as internal The options at `systemd.network` (`links`, `netdevs` and `networks`) are directly mapped to the three different unit types of `systemd-networkd(8)`. However there's also the option `systemd.network.units` which is basically used as a container for generated unit-configs that are linked to `/etc/systemd/networkd`[1]. This should not be exposed to the user as it's unclear whether or not it should be used directly which can be pretty confusing which is why I decided to declare this option as internal (including all sub-options as `internal` doesn't seem to be propagated to submodules). [1] https://github.com/NixOS/nixpkgs/blob/9db75ed88fd87e17ec448ad7a43b62acb4842854/nixos/modules/system/boot/networkd.nix#L933-L937
2019-11-29 12:50:51 +01:00
{ options = mapAttrs (_: x: x // { internal = true; }) concreteUnitOptions;
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
config = {
unit = mkDefault (makeUnit name config);
};
networkd module: optionSet -> submodule
2016-09-13 12:56:05 +09:00
}));
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
};
};
nixos/networkd: respect systemd.network.links also with disabled systemd-networkd This mirrors the behaviour of systemd - It's udev that parses `.link` files, not `systemd-networkd`. This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d, but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing evaluation errors on hydra.
2020-03-11 00:24:50 +01:00
config = mkMerge [
nixos/networkd: rename the networkd dhcpConfig option to dhcpV4Config This follows upstreams change in documentation. While the `[DHCP]` section might still work it is undocumented and we should probably not be using it anymore. Users can just upgrade to the new option without much hassle. I had to create a bit of custom module deprecation code since the usual approach doesn't support wildcards in the path.
2020-01-08 20:18:26 +01:00
nixos/networkd: respect systemd.network.links also with disabled systemd-networkd This mirrors the behaviour of systemd - It's udev that parses `.link` files, not `systemd-networkd`. This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d, but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing evaluation errors on hydra.
2020-03-11 00:24:50 +01:00
# .link units are honored by udev, no matter if systemd-networkd is enabled or not.
{
systemd.network.units = mapAttrs' (n: v: nameValuePair "${n}.link" (linkToUnit n v)) cfg.links;
environment.etc = unitFiles;
}
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
nixos/networkd: respect systemd.network.links also with disabled systemd-networkd This mirrors the behaviour of systemd - It's udev that parses `.link` files, not `systemd-networkd`. This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d, but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing evaluation errors on hydra.
2020-03-11 00:24:50 +01:00
(mkIf config.systemd.network.enable {
nixos/networkd: add systemd-network user to group systemd-network
2019-11-24 22:45:39 +01:00
nixos/networkd: respect systemd.network.links also with disabled systemd-networkd This mirrors the behaviour of systemd - It's udev that parses `.link` files, not `systemd-networkd`. This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d, but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing evaluation errors on hydra.
2020-03-11 00:24:50 +01:00
users.users.systemd-network.group = "systemd-network";
Don't include networkd units unless enabled Otherwise, the enabled -> disabled transition won't be handled correctly (switch-to-configuration currently assumes that if a unit is running and exists, it should be restarted).
2015-04-19 21:11:14 +02:00
nixos/networkd: respect systemd.network.links also with disabled systemd-networkd This mirrors the behaviour of systemd - It's udev that parses `.link` files, not `systemd-networkd`. This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d, but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing evaluation errors on hydra.
2020-03-11 00:24:50 +01:00
systemd.additionalUpstreamSystemUnits = [
nixos/networkd: Make activatible through dbus and netlink With this systemd buffers netlink messages in early boot from the kernel itself; and passes them on to networkd for processing once it's started. Makes sure no routing messages are missed. Also makes an alias so that dbus can activate this unit. Upstream has this too.
2020-05-19 11:04:14 +02:00
"systemd-networkd-wait-online.service"
"systemd-networkd.service"
"systemd-networkd.socket"
nixos/networkd: respect systemd.network.links also with disabled systemd-networkd This mirrors the behaviour of systemd - It's udev that parses `.link` files, not `systemd-networkd`. This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d, but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing evaluation errors on hydra.
2020-03-11 00:24:50 +01:00
];
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
nixos/networkd: respect systemd.network.links also with disabled systemd-networkd This mirrors the behaviour of systemd - It's udev that parses `.link` files, not `systemd-networkd`. This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d, but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing evaluation errors on hydra.
2020-03-11 00:24:50 +01:00
systemd.network.units = mapAttrs' (n: v: nameValuePair "${n}.netdev" (netdevToUnit n v)) cfg.netdevs
// mapAttrs' (n: v: nameValuePair "${n}.network" (networkToUnit n v)) cfg.networks;
Fix #7476
2015-04-20 11:31:17 +02:00
nixos/networkd: Make activatible through dbus and netlink With this systemd buffers netlink messages in early boot from the kernel itself; and passes them on to networkd for processing once it's started. Makes sure no routing messages are missed. Also makes an alias so that dbus can activate this unit. Upstream has this too.
2020-05-19 11:04:14 +02:00
# systemd-networkd is socket-activated by kernel netlink route change
# messages. It is important to have systemd buffer those on behalf of
# networkd.
systemd.sockets.systemd-networkd.wantedBy = [ "sockets.target" ];
nixos/networkd: respect systemd.network.links also with disabled systemd-networkd This mirrors the behaviour of systemd - It's udev that parses `.link` files, not `systemd-networkd`. This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d, but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing evaluation errors on hydra.
2020-03-11 00:24:50 +01:00
systemd.services.systemd-networkd = {
wantedBy = [ "multi-user.target" ];
nixos/networkd: Make activatible through dbus and netlink With this systemd buffers netlink messages in early boot from the kernel itself; and passes them on to networkd for processing once it's started. Makes sure no routing messages are missed. Also makes an alias so that dbus can activate this unit. Upstream has this too.
2020-05-19 11:04:14 +02:00
aliases = [ "dbus-org.freedesktop.network1.service" ];
nixos/networkd: Fix restartTriggers 1d61efb7f177f7b70c467ab4940fde0a3481d4dc accidentially changed the restartTriggers of systemd-networkd.service` to point to the attribute name (in this case, a location relative to `/etc`), instead of the location of the network-related unit files in the nix store. This caused systemd-networkd to not get restarted on activation of new networking config, if the file name hasn't changed. Fix this, by pointing this back to the location in the nix store.
2020-04-22 23:31:43 +02:00
restartTriggers = map (x: x.source) (attrValues unitFiles);
nixos/networkd: respect systemd.network.links also with disabled systemd-networkd This mirrors the behaviour of systemd - It's udev that parses `.link` files, not `systemd-networkd`. This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d, but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing evaluation errors on hydra.
2020-03-11 00:24:50 +01:00
# prevent race condition with interface renaming (#39069)
requires = [ "systemd-udev-settle.service" ];
after = [ "systemd-udev-settle.service" ];
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
nixos/networkd: respect systemd.network.links also with disabled systemd-networkd This mirrors the behaviour of systemd - It's udev that parses `.link` files, not `systemd-networkd`. This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d, but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing evaluation errors on hydra.
2020-03-11 00:24:50 +01:00
systemd.services.systemd-networkd-wait-online = {
wantedBy = [ "network-online.target" ];
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
nixos/networkd: respect systemd.network.links also with disabled systemd-networkd This mirrors the behaviour of systemd - It's udev that parses `.link` files, not `systemd-networkd`. This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d, but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing evaluation errors on hydra.
2020-03-11 00:24:50 +01:00
systemd.services."systemd-network-wait-online@" = {
description = "Wait for Network Interface %I to be Configured";
conflicts = [ "shutdown.target" ];
requisite = [ "systemd-networkd.service" ];
after = [ "systemd-networkd.service" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${config.systemd.package}/lib/systemd/systemd-networkd-wait-online -i %I";
};
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
};
nixos/networkd: respect systemd.network.links also with disabled systemd-networkd This mirrors the behaviour of systemd - It's udev that parses `.link` files, not `systemd-networkd`. This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d, but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing evaluation errors on hydra.
2020-03-11 00:24:50 +01:00
services.resolved.enable = mkDefault true;
})
];
systemd: Move networkd into separate modules The systemd module was getting rather bloated.
2015-04-19 21:05:12 +02:00
}
Reference in New Issue Copy Permalink