nixos/networking-interfaces: make static routes configurable

This commit is contained in:
rnhmjoj 2017-07-27 16:23:20 +02:00
parent 05f5cdcf66
commit d00c91c5da
No known key found for this signature in database
GPG Key ID: 91BE884FBA4B591A
2 changed files with 108 additions and 23 deletions

View File

@ -185,33 +185,57 @@ let
path = [ pkgs.iproute ]; path = [ pkgs.iproute ];
script = script =
'' ''
# FIXME: shouldn't this be done in network-link?
echo "bringing up interface..."
ip link set "${i.name}" up
state="/run/nixos/network/addresses/${i.name}" state="/run/nixos/network/addresses/${i.name}"
mkdir -p $(dirname "$state") mkdir -p $(dirname "$state")
'' + flip concatMapStrings (ips) (ip: ${flip concatMapStrings ips (ip:
let let
address = "${ip.address}/${toString ip.prefixLength}"; cidr = "${ip.address}/${toString ip.prefixLength}";
in in
'' ''
echo "${address}" >> $state echo "${cidr}" >> $state
if out=$(ip addr add "${address}" dev "${i.name}" 2>&1); then echo -n "adding address ${cidr}... "
echo "added ip ${address}" if out=$(ip addr add "${cidr}" dev "${i.name}" 2>&1); then
echo "done"
elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then
echo "failed to add ${address}" echo "failed"
exit 1 exit 1
fi fi
''); ''
)}
state="/run/nixos/network/routes/${i.name}"
mkdir -p $(dirname "$state")
${flip concatMapStrings (i.ipv4Routes ++ i.ipv6Routes) (route:
let
cidr = "${route.address}/${toString route.prefixLength}";
nextHop = optionalString (route.nextHop != null) ''via "${route.nextHop}"'';
in
''
echo "${cidr}" >> $state
echo -n "adding route ${cidr}... "
if out=$(ip route add "${cidr}" ${route.options} ${nextHop} dev "${i.name}" 2>&1); then
echo "done"
elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then
echo "failed"
exit 1
fi
''
)}
'';
preStop = '' preStop = ''
state="/run/nixos/network/routes/${i.name}"
while read cidr; do
echo -n "deleting route $cidr... "
ip route del "$cidr" dev "${i.name}" >/dev/null 2>&1 && echo "done" || echo "failed"
done < "$state"
rm -f "$state"
state="/run/nixos/network/addresses/${i.name}" state="/run/nixos/network/addresses/${i.name}"
while read address; do while read cidr; do
echo -n "deleting $address..." echo -n "deleting address $cidr... "
ip addr del "$address" dev "${i.name}" >/dev/null 2>&1 || echo -n " Failed" ip addr del "$cidr" dev "${i.name}" >/dev/null 2>&1 && echo "done" || echo "failed"
echo ""
done < "$state" done < "$state"
rm -f "$state" rm -f "$state"
''; '';

View File

@ -116,6 +116,40 @@ let
}; };
}; };
routeOpts = v:
{ options = {
address = mkOption {
type = types.str;
description = "IPv${toString v} address of the network.";
};
prefixLength = mkOption {
type = types.addCheck types.int (n: n >= 0 && n <= (if v == 4 then 32 else 128));
description = ''
Subnet mask of the network, specified as the number of
bits in the prefix (<literal>${if v == 4 then "24" else "64"}</literal>).
'';
};
nextHop = mkOption {
type = types.nullOr types.str;
default = null;
description = "IPv${toString v} address of the next hop.";
};
options = mkOption {
type = types.str;
default = "";
example = "mtu 1492 window 524288";
description = ''
Other route options. See the symbol <literal>OPTION</literal>
in the <literal>ip-route(8)</literal> manual page for the details.
'';
};
};
};
gatewayCoerce = address: { inherit address; }; gatewayCoerce = address: { inherit address; };
gatewayOpts = { ... }: { gatewayOpts = { ... }: {
@ -199,6 +233,30 @@ let
''; '';
}; };
ipv4Routes = mkOption {
default = [];
example = [
{ address = "10.0.0.0"; prefixLength = 16; }
{ address = "192.168.2.0"; prefixLength = 24; nextHop = "192.168.1.1"; }
];
type = with types; listOf (submodule (routeOpts 4));
description = ''
List of extra IPv4 static routes that will be assigned to the interface.
'';
};
ipv6Routes = mkOption {
default = [];
example = [
{ address = "fdfd:b3f0::"; prefixLength = 48; }
{ address = "2001:1470:fffd:2098::"; prefixLength = 64; nextHop = "fdfd:b3f0::1"; }
];
type = with types; listOf (submodule (routeOpts 6));
description = ''
List of extra IPv6 static routes that will be assigned to the interface.
'';
};
ipAddress = mkOption { ipAddress = mkOption {
default = null; default = null;
example = "10.0.0.1"; example = "10.0.0.1";
@ -1089,6 +1147,9 @@ in
'' + optionalString (i.mtu != null) '' '' + optionalString (i.mtu != null) ''
echo "setting MTU to ${toString i.mtu}..." echo "setting MTU to ${toString i.mtu}..."
ip link set "${i.name}" mtu "${toString i.mtu}" ip link set "${i.name}" mtu "${toString i.mtu}"
'' + ''
echo -n "bringing up interface... "
ip link set "${i.name}" up && echo "done" || (echo "failed"; exit 1)
''; '';
}))); })));