movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-12 12:45:27 +03:00
Code Issues Projects Releases Packages Wiki Activity
nixpkgs/nixos/modules/tasks/network-interfaces-scripted.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

760 lines
29 KiB
Nix
Raw Normal View History

nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
{
config,
lib,
pkgs,
utils,
...
}:
with utils;
Don't require forcing utils to get to lib
2014-12-10 19:28:45 -05:00
with lib;
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
let
cfg = config.networking;
interfaces = attrValues cfg.interfaces;
nixos/network-interfaces: ensure slave interfaces are up Fixes #28620.
2017-09-24 16:54:48 +02:00
slaves =
concatMap (i: i.interfaces) (attrValues cfg.bonds)
++ concatMap (i: i.interfaces) (attrValues cfg.bridges)
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
++ concatMap (i: attrNames (filterAttrs (_: config: config.type != "internal") i.interfaces)) (
attrValues cfg.vswitches
)
nixos/network-interfaces: ensure slave interfaces are up Fixes #28620.
2017-09-24 16:54:48 +02:00
++ concatMap (i: [ i.interface ]) (attrValues cfg.macvlans)
++ concatMap (i: [ i.interface ]) (attrValues cfg.vlans);
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
# We must escape interfaces due to the systemd interpretation
subsystemDevice = interface: "sys-subsystem-net-devices-${escapeSystemdPath interface}.device";
nixos/networking-interfaces: rename IP addresses/routes options
2017-12-03 05:13:14 +01:00
interfaceIps = i: i.ipv4.addresses ++ optionals cfg.enableIPv6 i.ipv6.addresses;
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
nixos/network-interfaces: Refactor scripts for reliability and dependency removal
2014-11-25 01:53:37 -08:00
destroyBond = i: ''
while true; do
UPDATED=1
SLAVES=$(ip link | grep 'master ${i}' | awk -F: '{print $2}')
for I in $SLAVES; do
UPDATED=0
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link set dev "$I" nomaster
nixos/network-interfaces: Refactor scripts for reliability and dependency removal
2014-11-25 01:53:37 -08:00
done
[ "$UPDATED" -eq "1" ] && break
done
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link set dev "${i}" down 2>/dev/null || true
ip link del dev "${i}" 2>/dev/null || true
nixos/network-interfaces: Refactor scripts for reliability and dependency removal
2014-11-25 01:53:37 -08:00
'';
networking.bonds: add support for arbitrary driverOptions Until now the four attributes available very selectively provided a small subset, while copying upstream documentation. We make driver options an arbitrary key-value set and point to kernel documentation, which is always up-to-date. This way every option can be set. The four already existing options are deprecated with a warning.
2017-02-02 22:21:03 +01:00
# warn that these attributes are deprecated (2017-2-2)
# Should be removed in the release after next
bondDeprecation = rec {
deprecated = [
"lacp_rate"
"miimon"
"mode"
"xmit_hash_policy"
];
filterDeprecated =
bond: (filterAttrs (attrName: attr: elem attrName deprecated && attr != null) bond);
};
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
networking.bonds: add support for arbitrary driverOptions Until now the four attributes available very selectively provided a small subset, while copying upstream documentation. We make driver options an arbitrary key-value set and point to kernel documentation, which is always up-to-date. This way every option can be set. The four already existing options are deprecated with a warning.
2017-02-02 22:21:03 +01:00
bondWarnings =
let
oneBondWarnings =
bondName: bond: mapAttrsToList (bondText bondName) (bondDeprecation.filterDeprecated bond);
bondText =
bondName: optName: _:
"${bondName}.${optName} is deprecated, use ${bondName}.driverOptions";
in
{
warnings = flatten (mapAttrsToList oneBondWarnings cfg.bonds);
};
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
networking.bonds: add support for arbitrary driverOptions Until now the four attributes available very selectively provided a small subset, while copying upstream documentation. We make driver options an arbitrary key-value set and point to kernel documentation, which is always up-to-date. This way every option can be set. The four already existing options are deprecated with a warning.
2017-02-02 22:21:03 +01:00
normalConfig = {
nixos/scripted-networking: use udev to configure link MACAddress and MTUBytes The `network-link-${i.name}` units raced with other things trying to configure the interface, or ran before the interface was available. Instead of running our own set of shell scripts on boot, and hoping they're executed at the right time, we can make use of udev to configure the interface *while they appear*, by providing `.link` files in /etc/systemd/network/*.link to set MACAddress and MTUBytes. This doesn't require networkd to be enabled, and is populated properly on non-networkd systems since https://github.com/NixOS/nixpkgs/pull/82941. This continues clean-up work done in https://github.com/NixOS/nixpkgs/pull/85170 for the scripted networking stack. The only leftover part of the `network-link-${i.name}` unit (bringing the interface up) is moved to the beginning of the `network-addresses-${i.name}` unit. Fixes: https://github.com/NixOS/nixpkgs/issues/74471 Closes: https://github.com/NixOS/nixpkgs/pull/87116
2020-05-17 21:57:01 +02:00
systemd.network.links =
let
createNetworkLink =
i:
nameValuePair "40-${i.name}" {
matchConfig.OriginalName = i.name;
linkConfig =
optionalAttrs (i.macAddress != null) {
MACAddress = i.macAddress;
}
// optionalAttrs (i.mtu != null) {
MTUBytes = toString i.mtu;
};
};
in
listToAttrs (map createNetworkLink interfaces);
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
systemd.services =
let
containers: Do not wait for udev for network devices Test that adding physical devices to containers works, find that network setup then doesn't work because there is no udev in the container to tell systemd that the device is present. Fixed by not depending on the device in the container. Activate the new container test for release Bonds, bridges and other network devices need the underlying not as dependency when used inside the container. Because the device is already there. But the address configuration needs the aggregated device itself.
2016-09-30 10:45:48 +02:00
deviceDependency =
dev:
network-interfaces service: fix bindsTo deps for masters Previously, netdev units for network interfaces defined in the nixos configurations would bindTo the systemd device unit of the interface if not in a container. In situations where you switch to a new nixos configration with changes to network-setup.service (like nameservers) and have stacked interfaces like vlans on a bond, it would fail to propagate restarts to the netdevs correctly resulting with broken networking. The bond would be present but no vlan interfaces rendering the machine unreachable. My fear is that the udev events fail to propagate correctly while a systemd transaction that is also restarting the triggered netdev service is running. This commit changes this behaviour so netdev services bindTo other netdev services if present and otherwise fall back to the previous behaviour. We also noticed that stacked interfaces would sometimes seemingly be stopped in the wrong order. For instance in the above example, the bond interface would be deleted before the vlan interfaces resulting in the vlan interfaces not being present when their service is being stopped. This would cause the systemd transaction to fail and thus break networking. Their postStop hooks are now allowed to fail as we have reached the desired state.
2017-02-09 23:08:48 +01:00
# Use systemd service if we manage device creation, else
# trust udev when not in a container
nixos/network-interfaces: fix implicit dependency on underlying device the bug causes a hard dependency on an underlying device which might not be valid for all interfaces, also broke the example for networking.sits. this is due to calling hasAttr first and checking for null afterwards, the bug was made more apparent in commit 76a3c30
2024-01-02 08:02:50 +05:30
if (dev == null || dev == "lo") then
[ ]
else if
(hasAttr dev (filterAttrs (k: v: v.virtual) cfg.interfaces))
network-interface service: tuntap ifs have netdev services
2017-02-18 04:54:15 +01:00
|| (hasAttr dev cfg.bridges)
network-interfaces service: fix bindsTo deps for masters Previously, netdev units for network interfaces defined in the nixos configurations would bindTo the systemd device unit of the interface if not in a container. In situations where you switch to a new nixos configration with changes to network-setup.service (like nameservers) and have stacked interfaces like vlans on a bond, it would fail to propagate restarts to the netdevs correctly resulting with broken networking. The bond would be present but no vlan interfaces rendering the machine unreachable. My fear is that the udev events fail to propagate correctly while a systemd transaction that is also restarting the triggered netdev service is running. This commit changes this behaviour so netdev services bindTo other netdev services if present and otherwise fall back to the previous behaviour. We also noticed that stacked interfaces would sometimes seemingly be stopped in the wrong order. For instance in the above example, the bond interface would be deleted before the vlan interfaces resulting in the vlan interfaces not being present when their service is being stopped. This would cause the systemd transaction to fail and thus break networking. Their postStop hooks are now allowed to fail as we have reached the desired state.
2017-02-09 23:08:48 +01:00
|| (hasAttr dev cfg.bonds)
|| (hasAttr dev cfg.macvlans)
|| (hasAttr dev cfg.sits)
|| (hasAttr dev cfg.vlans)
network: make network-setup service do not depend on udevd directly; fix typo with GRE tunnels Otherwise, when doing nixos switch to major changes (typically when stdenv changes), udevd service gets loaded after addresses, which causes addresses service to wait indefinitely for the device and fail. Signed-off-by: Egor Savkin <es@m-labs.hk>
2025-01-15 10:32:39 +08:00
|| (hasAttr dev cfg.greTunnels)
network-interfaces-scripted: wlanInterfaces have .device, no "${dev}-netdev.service"
2018-04-03 20:00:12 +00:00
|| (hasAttr dev cfg.vswitches)
network-interfaces service: fix bindsTo deps for masters Previously, netdev units for network interfaces defined in the nixos configurations would bindTo the systemd device unit of the interface if not in a container. In situations where you switch to a new nixos configration with changes to network-setup.service (like nameservers) and have stacked interfaces like vlans on a bond, it would fail to propagate restarts to the netdevs correctly resulting with broken networking. The bond would be present but no vlan interfaces rendering the machine unreachable. My fear is that the udev events fail to propagate correctly while a systemd transaction that is also restarting the triggered netdev service is running. This commit changes this behaviour so netdev services bindTo other netdev services if present and otherwise fall back to the previous behaviour. We also noticed that stacked interfaces would sometimes seemingly be stopped in the wrong order. For instance in the above example, the bond interface would be deleted before the vlan interfaces resulting in the vlan interfaces not being present when their service is being stopped. This would cause the systemd transaction to fail and thus break networking. Their postStop hooks are now allowed to fail as we have reached the desired state.
2017-02-09 23:08:48 +01:00
then
[ "${dev}-netdev.service" ]
nixos/network-interfaces: fix implicit dependency on underlying device the bug causes a hard dependency on an underlying device which might not be valid for all interfaces, also broke the example for networking.sits. this is due to calling hasAttr first and checking for null afterwards, the bug was made more apparent in commit 76a3c30
2024-01-02 08:02:50 +05:30
else
optional (!config.boot.isContainer) (subsystemDevice dev);
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
nixos/networking: network is online if default gw set Previously services depending on network-online.target would wait until dhcpcd times out if it was enabled and a static network address configuration was used. Setting the default gateway statically is enough for the networking to be considered online. This also adjusts the relevant networking tests to wait for network-online.target instead of just network.target.
2017-09-18 14:46:37 +02:00
hasDefaultGatewaySet =
(cfg.defaultGateway != null && cfg.defaultGateway.address != "")
network-interfaces-scripted service: delay setup if IPv6 is disabled Even if IPv6 gateway is set, there's no need to set it early if IPv6 is disabled.
2018-02-19 23:30:49 +03:00
|| (cfg.enableIPv6 && cfg.defaultGateway6 != null && cfg.defaultGateway6.address != "");
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
nixos/network-interfaces-scripted: don't bindTo absent network-setup.service
2022-06-24 20:43:40 +03:00
needNetworkSetup =
cfg.resolvconf.enable || cfg.defaultGateway != null || cfg.defaultGateway6 != null;
networkLocalCommands = lib.mkIf needNetworkSetup {
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
after = [ "network-setup.service" ];
bindsTo = [ "network-setup.service" ];
};
nixos/network-interfaces-scripted: don't bindTo absent network-setup.service
2022-06-24 20:43:40 +03:00
networkSetup = lib.mkIf needNetworkSetup {
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
description = "Networking Setup";
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
network: make network-setup service do not depend on udevd directly; fix typo with GRE tunnels Otherwise, when doing nixos switch to major changes (typically when stdenv changes), udevd service gets loaded after addresses, which causes addresses service to wait indefinitely for the device and fail. Signed-off-by: Egor Savkin <es@m-labs.hk>
2025-01-15 10:32:39 +08:00
after = [ "network-pre.target" ];
network-interfaces-scripted: rework dependencies
2016-09-09 05:25:56 +02:00
before = [
"network.target"
"shutdown.target"
];
wants = [ "network.target" ];
nixos/network-interfaces-scripted: fix container networking bug When a bridge interface was reconfigured, running containers using this bridge lost connectivity: restarting network-addresses-brN.service triggered a restart of network-setup.service via a "partOf" relationship introduced in 07e0c0e0a2f237639600f2a0d62f6eac748b1e6e. This in turn restarted brN-netdev.service. The bridge was thus destroyed and recreated with the same name but a new interface id, causing attached veth interfaces to lose their connection. This change removes the "partOf" relationship between network-setup.service and network-addresses-brN.service for all bridges.
2018-09-23 22:55:59 +02:00
# exclude bridges from the partOf relationship to fix container networking bug #47210
partOf = map (i: "network-addresses-${i.name}.service") (
filter (i: !(hasAttr i.name cfg.bridges)) interfaces
);
network-interfaces-scripted: rework dependencies
2016-09-09 05:25:56 +02:00
conflicts = [ "shutdown.target" ];
nixos/networking: network is online if default gw set Previously services depending on network-online.target would wait until dhcpcd times out if it was enabled and a static network address configuration was used. Setting the default gateway statically is enough for the networking to be considered online. This also adjusts the relevant networking tests to wait for network-online.target instead of just network.target.
2017-09-18 14:46:37 +02:00
wantedBy = [ "multi-user.target" ] ++ optional hasDefaultGatewaySet "network-online.target";
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
unitConfig.ConditionCapability = "CAP_NET_ADMIN";
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
iproute: deprecate alias
2021-03-14 17:05:16 +01:00
path = [ pkgs.iproute2 ];
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
network-interfaces-scripted: rework dependencies
2016-09-09 05:25:56 +02:00
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
network-interfaces-scripted: DefaultDependencies is a unitConfig Ref: 072c1dcc4a319b80ffd4a41165cebacdbb17275a
2016-10-02 14:00:12 +02:00
unitConfig.DefaultDependencies = false;
nixos/networking: Fix more harmless errors
2014-12-01 01:18:26 -08:00
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
script = ''
resolvconf service: init This is a refactor of how resolvconf is managed on NixOS. We split it into a separate service which is enabled internally depending on whether we want /etc/resolv.conf to be managed by it. Various services now take advantage of those configuration options. We also now use systemd instead of activation scripts to update resolv.conf. NetworkManager now uses the right option for rc-manager DNS automatically, so the configuration option shouldn't be exposed.
2019-07-15 20:18:49 +03:00
${optionalString config.networking.resolvconf.enable ''
network-scripting: do not run resolvconf if /etc/resolv.conf is managed manually (#56682) The second invocation of resolvconf, missed in https://github.com/NixOS/nixpkgs/pull/32308
2019-03-09 11:42:14 +00:00
# Set the static DNS configuration, if given.
${pkgs.openresolv}/sbin/resolvconf -m 1 -a static <<EOF
${optionalString (cfg.nameservers != [ ] && cfg.domain != null) ''
domain ${cfg.domain}
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
''}
network-scripting: do not run resolvconf if /etc/resolv.conf is managed manually (#56682) The second invocation of resolvconf, missed in https://github.com/NixOS/nixpkgs/pull/32308
2019-03-09 11:42:14 +00:00
${optionalString (cfg.search != [ ]) ("search " + concatStringsSep " " cfg.search)}
${flip concatMapStrings cfg.nameservers (ns: ''
nameserver ${ns}
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'')}
EOF
''}
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
# Set the default gateway.
network-interfaces service: add defaultGateway{,6}.interface
2017-01-14 04:14:16 +03:00
${optionalString (cfg.defaultGateway != null && cfg.defaultGateway.address != "") ''
network-interfaces: device routes for default gateway Iff interface is set, it makes sense to add device route by default.
2017-09-01 06:24:37 +02:00
${optionalString (cfg.defaultGateway.interface != null) ''
ip route replace ${cfg.defaultGateway.address} dev ${cfg.defaultGateway.interface} ${
optionalString (cfg.defaultGateway.metric != null) "metric ${toString cfg.defaultGateway.metric}"
} proto static
''}
ip route replace default ${
optionalString (cfg.defaultGateway.metric != null) "metric ${toString cfg.defaultGateway.metric}"
network-interfaces service: add metric option for defaultGateways
2017-02-09 23:09:07 +01:00
} via "${cfg.defaultGateway.address}" ${
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
optionalString (
cfg.defaultGatewayWindowSize != null
network-interfaces service: add defaultGateway{,6}.interface
2017-01-14 04:14:16 +03:00
) "window ${toString cfg.defaultGatewayWindowSize}"
} ${
optionalString (cfg.defaultGateway.interface != null) "dev ${cfg.defaultGateway.interface}"
network-interfaces: device routes for default gateway Iff interface is set, it makes sense to add device route by default.
2017-09-01 06:24:37 +02:00
} proto static
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
''}
network-interfaces service: add defaultGateway{,6}.interface
2017-01-14 04:14:16 +03:00
${optionalString (cfg.defaultGateway6 != null && cfg.defaultGateway6.address != "") ''
network-interfaces: device routes for default gateway Iff interface is set, it makes sense to add device route by default.
2017-09-01 06:24:37 +02:00
${optionalString (cfg.defaultGateway6.interface != null) ''
ip -6 route replace ${cfg.defaultGateway6.address} dev ${cfg.defaultGateway6.interface} ${
optionalString (cfg.defaultGateway6.metric != null) "metric ${toString cfg.defaultGateway6.metric}"
} proto static
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
''}
network-interfaces: device routes for default gateway Iff interface is set, it makes sense to add device route by default.
2017-09-01 06:24:37 +02:00
ip -6 route replace default ${
network-interfaces service: add metric option for defaultGateways
2017-02-09 23:09:07 +01:00
optionalString (cfg.defaultGateway6.metric != null) "metric ${toString cfg.defaultGateway6.metric}"
} via "${cfg.defaultGateway6.address}" ${
nixos/network-interfaces: Add ipv6 gateway support
2014-12-17 17:54:06 -08:00
optionalString (
cfg.defaultGatewayWindowSize != null
network-interfaces service: add defaultGateway{,6}.interface
2017-01-14 04:14:16 +03:00
) "window ${toString cfg.defaultGatewayWindowSize}"
} ${
optionalString (cfg.defaultGateway6.interface != null) "dev ${cfg.defaultGateway6.interface}"
network-interfaces: device routes for default gateway Iff interface is set, it makes sense to add device route by default.
2017-09-01 06:24:37 +02:00
} proto static
nixos/network-interfaces: Add ipv6 gateway support
2014-12-17 17:54:06 -08:00
''}
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
'';
};
nixos/network-interfaces: Support mac address and mtu universally
2014-11-24 12:06:07 -08:00
# For each interface <foo>, create a job network-addresses-<foo>.service"
# that performs static address configuration. It has a "wants"
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
# dependency on <foo>.service, which is supposed to create
# the interface and need not exist (i.e. for hardware
# interfaces). It has a binds-to dependency on the actual
# network device, so it only gets started after the interface
# has appeared, and it's stopped when the interface
# disappears.
nixos/network-interfaces: Support mac address and mtu universally
2014-11-24 12:06:07 -08:00
configureAddrs =
i:
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
let
ips = interfaceIps i;
in
nixos/network-interfaces: Support mac address and mtu universally
2014-11-24 12:06:07 -08:00
nameValuePair "network-addresses-${i.name}" {
Typo
2015-04-20 16:12:19 +02:00
description = "Address configuration of ${i.name}";
nixos/network-interfaces: IPs must always be set Previously, depending on the environment and the type of interface that was created, the configured IPs of an interface wouldn't be applied on a nixos-rebuild switch. It works after a reboot. This patch ensures that the network-addresses service is started either via the network-link service or if the networking target is activated (i.e. on system activation). Fixes #28474 #16230.
2017-09-24 15:55:02 +02:00
wantedBy = [
"network-setup.service"
"network.target"
];
network-interfaces-scripted: rework dependencies
2016-09-09 05:25:56 +02:00
# order before network-setup because the routes that are configured
# there may need ip addresses configured
before = [ "network-setup.service" ];
containers: Do not wait for udev for network devices Test that adding physical devices to containers works, find that network setup then doesn't work because there is no udev in the container to tell systemd that the device is present. Fixed by not depending on the device in the container. Activate the new container test for release Bonds, bridges and other network devices need the underlying not as dependency when used inside the container. Because the device is already there. But the address configuration needs the aggregated device itself.
2016-09-30 10:45:48 +02:00
bindsTo = deviceDependency i.name;
after = [ "network-pre.target" ] ++ (deviceDependency i.name);
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
network-link-*.service: Set stopIfChanged = false This reduces the time window during which IP addresses are gone during switch-to-configuration. A complication is that with stopIfChanged = true, preStop would try to delete the *new* IP addresses rather than the old one (since the preStop script now runs after the switch to the new configuration). So we now record the actually configured addresses in /run/nixos/network/addresses/<interface>. This is more robust in any case. Issue https://github.com/NixOS/nixops/issues/640.
2017-04-04 14:18:49 +02:00
# Restart rather than stop+start this unit to prevent the
# network from dying during switch-to-configuration.
stopIfChanged = false;
iproute: deprecate alias
2021-03-14 17:05:16 +01:00
path = [ pkgs.iproute2 ];
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
script = ''
network-link-*.service: Set stopIfChanged = false This reduces the time window during which IP addresses are gone during switch-to-configuration. A complication is that with stopIfChanged = true, preStop would try to delete the *new* IP addresses rather than the old one (since the preStop script now runs after the switch to the new configuration). So we now record the actually configured addresses in /run/nixos/network/addresses/<interface>. This is more robust in any case. Issue https://github.com/NixOS/nixops/issues/640.
2017-04-04 14:18:49 +02:00
state="/run/nixos/network/addresses/${i.name}"
nixos/networking: fix shellcheck findings with enableStrictShellChecks enabled Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
2024-10-18 18:23:05 +02:00
mkdir -p "$(dirname "$state")"
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link set dev "${i.name}" up
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
nixos/networking-interfaces: make static routes configurable
2017-07-27 16:23:20 +02:00
${flip concatMapStrings ips (
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
ip:
let
nixos/networking-interfaces: make static routes configurable
2017-07-27 16:23:20 +02:00
cidr = "${ip.address}/${toString ip.prefixLength}";
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
in
''
nixos/networking-interfaces: make static routes configurable
2017-07-27 16:23:20 +02:00
echo "${cidr}" >> $state
echo -n "adding address ${cidr}... "
nixos/network-interfaces: prevent failure when a network address already exists The original code tests output of `ip addr add` command to detect if an adress already exists. The error message was changed in the past and the test no longer works. The patch replaces `ip addr add` with `ip addr replace`. The new command replaces an existing address or creates a new one if there isn't any. fixes 306841
2024-05-17 01:02:29 +02:00
if out=$(ip addr replace "${cidr}" dev "${i.name}" 2>&1); then
nixos/networking: check interface state files exist before acting on them Fix #89158
2020-05-29 12:20:06 +02:00
echo "done"
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
else
nixos/networking: fix shellcheck findings with enableStrictShellChecks enabled Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
2024-10-18 18:23:05 +02:00
echo "'ip addr replace \"${cidr}\" dev \"${i.name}\"' failed: $out"
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
exit 1
fi
''
)}
nixos/scripted-networking: use udev to configure link MACAddress and MTUBytes The `network-link-${i.name}` units raced with other things trying to configure the interface, or ran before the interface was available. Instead of running our own set of shell scripts on boot, and hoping they're executed at the right time, we can make use of udev to configure the interface *while they appear*, by providing `.link` files in /etc/systemd/network/*.link to set MACAddress and MTUBytes. This doesn't require networkd to be enabled, and is populated properly on non-networkd systems since https://github.com/NixOS/nixpkgs/pull/82941. This continues clean-up work done in https://github.com/NixOS/nixpkgs/pull/85170 for the scripted networking stack. The only leftover part of the `network-link-${i.name}` unit (bringing the interface up) is moved to the beginning of the `network-addresses-${i.name}` unit. Fixes: https://github.com/NixOS/nixpkgs/issues/74471 Closes: https://github.com/NixOS/nixpkgs/pull/87116
2020-05-17 21:57:01 +02:00
nixos/networking-interfaces: make static routes configurable
2017-07-27 16:23:20 +02:00
state="/run/nixos/network/routes/${i.name}"
nixos/networking: fix shellcheck findings with enableStrictShellChecks enabled Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
2024-10-18 18:23:05 +02:00
mkdir -p "$(dirname "$state")"
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
nixos/networking-interfaces: make static routes configurable
2017-07-27 16:23:20 +02:00
${flip concatMapStrings (i.ipv4.routes ++ i.ipv6.routes) (
route:
let
cidr = "${route.address}/${toString route.prefixLength}";
nixos/tests: add test for static routes
2017-07-28 16:45:58 +02:00
via = optionalString (route.via != null) ''via "${route.via}"'';
options = concatStrings (mapAttrsToList (name: val: "${name} ${val} ") route.options);
nixos/network-interfaces: add networking.interfaces.<name>.ipv[46].routes.type
2022-06-02 19:16:25 +01:00
type = toString route.type;
nixos/networking-interfaces: make static routes configurable
2017-07-27 16:23:20 +02:00
in
''
echo "${cidr}" >> $state
echo -n "adding route ${cidr}... "
nixos/network-interfaces: add networking.interfaces.<name>.ipv[46].routes.type
2022-06-02 19:16:25 +01:00
if out=$(ip route add ${type} "${cidr}" ${options} ${via} dev "${i.name}" proto static 2>&1); then
nixos/networking-interfaces: make static routes configurable
2017-07-27 16:23:20 +02:00
echo "done"
elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then
nixos/networking: fix shellcheck findings with enableStrictShellChecks enabled Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
2024-10-18 18:23:05 +02:00
echo "'ip route add ${type} \"${cidr}\" ${options} ${via} dev \"${i.name}\"' failed: $out"
nixos/networking-interfaces: make static routes configurable
2017-07-27 16:23:20 +02:00
exit 1
fi
''
)}
'';
network-link-*.service: Set stopIfChanged = false This reduces the time window during which IP addresses are gone during switch-to-configuration. A complication is that with stopIfChanged = true, preStop would try to delete the *new* IP addresses rather than the old one (since the preStop script now runs after the switch to the new configuration). So we now record the actually configured addresses in /run/nixos/network/addresses/<interface>. This is more robust in any case. Issue https://github.com/NixOS/nixops/issues/640.
2017-04-04 14:18:49 +02:00
preStop = ''
nixos/networking-interfaces: make static routes configurable
2017-07-27 16:23:20 +02:00
state="/run/nixos/network/routes/${i.name}"
nixos/networking: check interface state files exist before acting on them Fix #89158
2020-05-29 12:20:06 +02:00
if [ -e "$state" ]; then
nixos/networking-interfaces-scripted: use read -r ...instead of plain read, which can cause issues. See SC2162: https://www.shellcheck.net/wiki/SC2162
2024-12-09 01:28:54 +00:00
while read -r cidr; do
nixos/networking: check interface state files exist before acting on them Fix #89158
2020-05-29 12:20:06 +02:00
echo -n "deleting route $cidr... "
ip route del "$cidr" dev "${i.name}" >/dev/null 2>&1 && echo "done" || echo "failed"
done < "$state"
rm -f "$state"
fi
nixos/networking-interfaces: make static routes configurable
2017-07-27 16:23:20 +02:00
network-link-*.service: Set stopIfChanged = false This reduces the time window during which IP addresses are gone during switch-to-configuration. A complication is that with stopIfChanged = true, preStop would try to delete the *new* IP addresses rather than the old one (since the preStop script now runs after the switch to the new configuration). So we now record the actually configured addresses in /run/nixos/network/addresses/<interface>. This is more robust in any case. Issue https://github.com/NixOS/nixops/issues/640.
2017-04-04 14:18:49 +02:00
state="/run/nixos/network/addresses/${i.name}"
nixos/networking: check interface state files exist before acting on them Fix #89158
2020-05-29 12:20:06 +02:00
if [ -e "$state" ]; then
nixos/networking-interfaces-scripted: use read -r ...instead of plain read, which can cause issues. See SC2162: https://www.shellcheck.net/wiki/SC2162
2024-12-09 01:28:54 +00:00
while read -r cidr; do
nixos/networking: check interface state files exist before acting on them Fix #89158
2020-05-29 12:20:06 +02:00
echo -n "deleting address $cidr... "
ip addr del "$cidr" dev "${i.name}" >/dev/null 2>&1 && echo "done" || echo "failed"
done < "$state"
rm -f "$state"
fi
network-link-*.service: Set stopIfChanged = false This reduces the time window during which IP addresses are gone during switch-to-configuration. A complication is that with stopIfChanged = true, preStop would try to delete the *new* IP addresses rather than the old one (since the preStop script now runs after the switch to the new configuration). So we now record the actually configured addresses in /run/nixos/network/addresses/<interface>. This is more robust in any case. Issue https://github.com/NixOS/nixops/issues/640.
2017-04-04 14:18:49 +02:00
'';
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
};
createTunDevice =
i:
nameValuePair "${i.name}-netdev" {
description = "Virtual Network Interface ${i.name}";
nixos/systemd: fix TUN networking in LXC containers (#81481) in LXC container /dev/net/tun is pre-available, "dev-net-tun.device" always fails
2020-08-06 02:12:57 +00:00
bindsTo = optional (!config.boot.isContainer) "dev-net-tun.device";
after = optional (!config.boot.isContainer) "dev-net-tun.device" ++ [ "network-pre.target" ];
network-interfaces-scripted: rework dependencies
2016-09-09 05:25:56 +02:00
wantedBy = [
"network-setup.service"
(subsystemDevice i.name)
];
nixos/network-interfaces: cannot delay device units Systemd is complaining that it can't delay the startup of device units. We have a before dependency on the respective device unit for every netdev service, which doesn't make any sense because we create the actual interface in this service.
2017-09-24 16:01:07 +02:00
before = [ "network-setup.service" ];
iproute: deprecate alias
2021-03-14 17:05:16 +01:00
path = [ pkgs.iproute2 ];
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
nixos/networking-interfaces: set default value for virtualType
2018-01-31 05:51:09 +01:00
ip tuntap add dev "${i.name}" mode "${i.virtualType}" user "${i.virtualOwner}"
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
'';
postStop = ''
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link del dev ${i.name} || true
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
'';
};
createBridgeDevice =
n: v:
nameValuePair "${n}-netdev" (
let
containers: Improve device dependency tracking Now the tracking works with aggregated devices on aggregated devices. So container with physical device where the device is put in a bond which is the basis for a bridge is now handled correctly.
2016-09-30 14:52:46 +02:00
deps = concatLists (map deviceDependency v.interfaces);
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
in
{
description = "Bridge Interface ${n}";
network-interfaces-scripted: rework dependencies
2016-09-09 05:25:56 +02:00
wantedBy = [
"network-setup.service"
(subsystemDevice n)
];
nixos/network-interfaces: Add mstpd support for bridges
2015-01-07 14:34:15 -08:00
bindsTo = deps ++ optional v.rstp "mstpd.service";
network-interfaces-scripted: rework dependencies
2016-09-09 05:25:56 +02:00
partOf = [ "network-setup.service" ] ++ optional v.rstp "mstpd.service";
nixos: network-interfaces-scripted: don't require mstpd when rstp is off
2016-09-07 10:09:20 +00:00
after =
[ "network-pre.target" ]
++ deps
++ optional v.rstp "mstpd.service"
nixos/scripted-networking: use udev to configure link MACAddress and MTUBytes The `network-link-${i.name}` units raced with other things trying to configure the interface, or ran before the interface was available. Instead of running our own set of shell scripts on boot, and hoping they're executed at the right time, we can make use of udev to configure the interface *while they appear*, by providing `.link` files in /etc/systemd/network/*.link to set MACAddress and MTUBytes. This doesn't require networkd to be enabled, and is populated properly on non-networkd systems since https://github.com/NixOS/nixpkgs/pull/82941. This continues clean-up work done in https://github.com/NixOS/nixpkgs/pull/85170 for the scripted networking stack. The only leftover part of the `network-link-${i.name}` unit (bringing the interface up) is moved to the beginning of the `network-addresses-${i.name}` unit. Fixes: https://github.com/NixOS/nixpkgs/issues/74471 Closes: https://github.com/NixOS/nixpkgs/pull/87116
2020-05-17 21:57:01 +02:00
++ map (i: "network-addresses-${i}.service") v.interfaces;
nixos/network-interfaces: cannot delay device units Systemd is complaining that it can't delay the startup of device units. We have a before dependency on the respective device unit for every netdev service, which doesn't make any sense because we create the actual interface in this service.
2017-09-24 16:01:07 +02:00
before = [ "network-setup.service" ];
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
iproute: deprecate alias
2021-03-14 17:05:16 +01:00
path = [ pkgs.iproute2 ];
nixos/network-interfaces: Refactor scripts for reliability and dependency removal
2014-11-25 01:53:37 -08:00
script = ''
# Remove Dead Interfaces
echo "Removing old bridge ${n}..."
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link show dev "${n}" >/dev/null 2>&1 && ip link del dev "${n}"
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
nixos/network-interfaces: Refactor scripts for reliability and dependency removal
2014-11-25 01:53:37 -08:00
echo "Adding bridge ${n}..."
ip link add name "${n}" type bridge
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
nixos/network-interfaces: Refactor scripts for reliability and dependency removal
2014-11-25 01:53:37 -08:00
# Enslave child interfaces
${flip concatMapStrings v.interfaces (i: ''
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link set dev "${i}" master "${n}"
ip link set dev "${i}" up
nixos/network-interfaces: Refactor scripts for reliability and dependency removal
2014-11-25 01:53:37 -08:00
'')}
network-interfaces: reload bridges on conf changes And adopt the tests to add an interface and remove it again. It should work when deactivating rstp, it will not work when activating rstp for the first bridge as then the userspace daemon is not yet available. But once one bridge is active with stp, it should work with the reload for any further bridge. Fixes #21745. Also see #22547.
2017-02-11 16:46:55 +01:00
# Save list of enslaved interfaces
echo "${
flip concatMapStrings v.interfaces (i: ''
${i}
'')
}" > /run/${n}.interfaces
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
nixos/networking-scripted: restore bridge slaves dynamically added by libvirt
2017-07-27 05:49:18 +00:00
${optionalString config.virtualisation.libvirtd.enable ''
# Enslave dynamically added interfaces which may be lost on nixos-rebuild
nixos/scripted-networking: fix bridge setup when libvirtd uses socket activation
2020-03-09 09:05:13 +00:00
#
# if `libvirtd.service` is not running, do not use `virsh` which would try activate it via 'libvirtd.socket' and thus start it out-of-order.
# `libvirtd.service` will set up bridge interfaces when it will start normally.
#
nixos/network-interfaces-scripted: always run systemctl of the currently running systemd
2020-05-21 10:33:51 +02:00
if /run/current-system/systemd/bin/systemctl --quiet is-active 'libvirtd.service'; then
nixos/scripted-networking: fix bridge setup when libvirtd uses socket activation
2020-03-09 09:05:13 +00:00
for uri in qemu:///system lxc:///; do
for dom in $(${pkgs.libvirt}/bin/virsh -c $uri list --name); do
${pkgs.libvirt}/bin/virsh -c $uri dumpxml "$dom" | \
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
${pkgs.xmlstarlet}/bin/xmlstarlet sel -t -m "//domain/devices/interface[@type='bridge'][source/@bridge='${n}'][target/@dev]" -v "concat('ip link set dev ',target/@dev,' master ',source/@bridge,';')" | \
nixos/scripted-networking: fix bridge setup when libvirtd uses socket activation
2020-03-09 09:05:13 +00:00
${pkgs.bash}/bin/bash
done
support lxc:/// and ignore weird bridges (like openvswitch)
2017-08-01 10:30:58 +00:00
done
nixos/scripted-networking: fix bridge setup when libvirtd uses socket activation
2020-03-09 09:05:13 +00:00
fi
nixos/networking-scripted: restore bridge slaves dynamically added by libvirt
2017-07-27 05:49:18 +00:00
''}
network-interfaces: reload bridges on conf changes And adopt the tests to add an interface and remove it again. It should work when deactivating rstp, it will not work when activating rstp for the first bridge as then the userspace daemon is not yet available. But once one bridge is active with stp, it should work with the reload for any further bridge. Fixes #21745. Also see #22547.
2017-02-11 16:46:55 +01:00
# Enable stp on the interface
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
${optionalString v.rstp ''
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
echo 2 >/sys/class/net/${n}/bridge/stp_state
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
''}
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link set dev "${n}" up
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
nixos networking: add vswitch option Add a configuration option for Open vSwitch that is similar to the option for the Linux kernel ethernet bridge.
2015-09-22 15:49:17 +02:00
postStop = ''
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link set dev "${n}" down || true
ip link del dev "${n}" || true
network-interfaces: reload bridges on conf changes And adopt the tests to add an interface and remove it again. It should work when deactivating rstp, it will not work when activating rstp for the first bridge as then the userspace daemon is not yet available. But once one bridge is active with stp, it should work with the reload for any further bridge. Fixes #21745. Also see #22547.
2017-02-11 16:46:55 +01:00
rm -f /run/${n}.interfaces
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
network-interfaces: reload bridges on conf changes And adopt the tests to add an interface and remove it again. It should work when deactivating rstp, it will not work when activating rstp for the first bridge as then the userspace daemon is not yet available. But once one bridge is active with stp, it should work with the reload for any further bridge. Fixes #21745. Also see #22547.
2017-02-11 16:46:55 +01:00
reload = ''
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
# Un-enslave child interfaces (old list of interfaces)
network-interfaces: reload bridges on conf changes And adopt the tests to add an interface and remove it again. It should work when deactivating rstp, it will not work when activating rstp for the first bridge as then the userspace daemon is not yet available. But once one bridge is active with stp, it should work with the reload for any further bridge. Fixes #21745. Also see #22547.
2017-02-11 16:46:55 +01:00
for interface in `cat /run/${n}.interfaces`; do
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
ip link set dev "$interface" nomaster up
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
done
network-interfaces: reload bridges on conf changes And adopt the tests to add an interface and remove it again. It should work when deactivating rstp, it will not work when activating rstp for the first bridge as then the userspace daemon is not yet available. But once one bridge is active with stp, it should work with the reload for any further bridge. Fixes #21745. Also see #22547.
2017-02-11 16:46:55 +01:00
# Enslave child interfaces (new list of interfaces)
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
${flip concatMapStrings v.interfaces (i: ''
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link set dev "${i}" master "${n}"
ip link set dev "${i}" up
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'')}
network-interfaces: reload bridges on conf changes And adopt the tests to add an interface and remove it again. It should work when deactivating rstp, it will not work when activating rstp for the first bridge as then the userspace daemon is not yet available. But once one bridge is active with stp, it should work with the reload for any further bridge. Fixes #21745. Also see #22547.
2017-02-11 16:46:55 +01:00
# Save list of enslaved interfaces
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
echo "${
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
flip concatMapStrings v.interfaces (i: ''
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
${i}
'')
network-interfaces: reload bridges on conf changes And adopt the tests to add an interface and remove it again. It should work when deactivating rstp, it will not work when activating rstp for the first bridge as then the userspace daemon is not yet available. But once one bridge is active with stp, it should work with the reload for any further bridge. Fixes #21745. Also see #22547.
2017-02-11 16:46:55 +01:00
}" > /run/${n}.interfaces
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
network-interfaces: reload bridges on conf changes And adopt the tests to add an interface and remove it again. It should work when deactivating rstp, it will not work when activating rstp for the first bridge as then the userspace daemon is not yet available. But once one bridge is active with stp, it should work with the reload for any further bridge. Fixes #21745. Also see #22547.
2017-02-11 16:46:55 +01:00
# (Un-)set stp on the bridge
echo ${if v.rstp then "2" else "0"} > /sys/class/net/${n}/bridge/stp_state
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
reloadIfChanged = true;
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
}
);
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
createVswitchDevice =
n: v:
nameValuePair "${n}-netdev" (
let
containers: Do not wait for udev for network devices Test that adding physical devices to containers works, find that network setup then doesn't work because there is no udev in the container to tell systemd that the device is present. Fixed by not depending on the device in the container. Activate the new container test for release Bonds, bridges and other network devices need the underlying not as dependency when used inside the container. Because the device is already there. But the address configuration needs the aggregated device itself.
2016-09-30 10:45:48 +02:00
deps = concatLists (
map deviceDependency (attrNames (filterAttrs (_: config: config.type != "internal") v.interfaces))
);
nixos/scripted-networking: use udev to configure link MACAddress and MTUBytes The `network-link-${i.name}` units raced with other things trying to configure the interface, or ran before the interface was available. Instead of running our own set of shell scripts on boot, and hoping they're executed at the right time, we can make use of udev to configure the interface *while they appear*, by providing `.link` files in /etc/systemd/network/*.link to set MACAddress and MTUBytes. This doesn't require networkd to be enabled, and is populated properly on non-networkd systems since https://github.com/NixOS/nixpkgs/pull/82941. This continues clean-up work done in https://github.com/NixOS/nixpkgs/pull/85170 for the scripted networking stack. The only leftover part of the `network-link-${i.name}` unit (bringing the interface up) is moved to the beginning of the `network-addresses-${i.name}` unit. Fixes: https://github.com/NixOS/nixpkgs/issues/74471 Closes: https://github.com/NixOS/nixpkgs/pull/87116
2020-05-17 21:57:01 +02:00
internalConfigs = map (i: "network-addresses-${i}.service") (
attrNames (filterAttrs (_: config: config.type == "internal") v.interfaces)
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
);
nixos networking: add vswitch option Add a configuration option for Open vSwitch that is similar to the option for the Linux kernel ethernet bridge.
2015-09-22 15:49:17 +02:00
ofRules = pkgs.writeText "vswitch-${n}-openFlowRules" v.openFlowRules;
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
in
nixos/networking: improve vlan service description VLAN is an abbreviation, so let's not write Vlan.
2024-10-04 22:07:18 +02:00
{
description = "Open vSwitch Interface ${n}";
network-interfaces-scripted: rework dependencies
2016-09-09 05:25:56 +02:00
wantedBy = [
"network-setup.service"
(subsystemDevice n)
nixos: Add network-pre.target and adjust firewall start ordering
2014-12-01 17:19:06 -08:00
] ++ internalConfigs;
nixos/network-interfaces: cannot delay device units Systemd is complaining that it can't delay the startup of device units. We have a before dependency on the respective device unit for every netdev service, which doesn't make any sense because we create the actual interface in this service.
2017-09-24 16:01:07 +02:00
# before = [ "network-setup.service" ];
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
# should work without internalConfigs dependencies because address/link configuration depends
# on the device, which is created by ovs-vswitchd with type=internal, but it does not...
before = [ "network-setup.service" ] ++ internalConfigs;
partOf = [ "network-setup.service" ]; # shutdown the bridge when network is shutdown
bindsTo = [ "ovs-vswitchd.service" ]; # requires ovs-vswitchd to be alive at all times
nixos: Add network-pre.target and adjust firewall start ordering
2014-12-01 17:19:06 -08:00
after = [
"network-pre.target"
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
"ovs-vswitchd.service"
] ++ deps; # start switch after physical interfaces and vswitch daemon
wants = deps; # if one or more interface fails, the switch should continue to run
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
iproute: deprecate alias
2021-03-14 17:05:16 +01:00
path = [
pkgs.iproute2
config.virtualisation.vswitch.package
];
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
preStart = ''
echo "Resetting Open vSwitch ${n}..."
ovs-vsctl --if-exists del-br ${n} -- add-br ${n} \
-- set bridge ${n} protocols=${concatStringsSep "," v.supportedOpenFlowVersions}
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
script = ''
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
echo "Configuring Open vSwitch ${n}..."
ovs-vsctl ${
concatStrings (
networking.bonds: add support for arbitrary driverOptions Until now the four attributes available very selectively provided a small subset, while copying upstream documentation. We make driver options an arbitrary key-value set and point to kernel documentation, which is always up-to-date. This way every option can be set. The four already existing options are deprecated with a warning.
2017-02-02 22:21:03 +01:00
mapAttrsToList (
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
name: config:
" -- add-port ${n} ${name}" + optionalString (config.vlan != null) " tag=${toString config.vlan}"
) v.interfaces
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
)
} \
${
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
concatStrings (
networking.bonds: add support for arbitrary driverOptions Until now the four attributes available very selectively provided a small subset, while copying upstream documentation. We make driver options an arbitrary key-value set and point to kernel documentation, which is always up-to-date. This way every option can be set. The four already existing options are deprecated with a warning.
2017-02-02 22:21:03 +01:00
mapAttrsToList (
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
name: config: optionalString (config.type != null) " -- set interface ${name} type=${config.type}"
) v.interfaces
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
)
} \
nixos networking: add vswitch option Add a configuration option for Open vSwitch that is similar to the option for the Linux kernel ethernet bridge.
2015-09-22 15:49:17 +02:00
${concatMapStrings (x: " -- set-controller ${n} " + x) v.controllers} \
${concatMapStrings (x: " -- " + x) (splitString "\n" v.extraOvsctlCmds)}
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
nixos networking: add vswitch option Add a configuration option for Open vSwitch that is similar to the option for the Linux kernel ethernet bridge.
2015-09-22 15:49:17 +02:00
echo "Adding OpenFlow rules for Open vSwitch ${n}..."
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
ovs-ofctl --protocols=${v.openFlowVersion} add-flows ${n} ${ofRules}
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
postStop = ''
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
echo "Cleaning Open vSwitch ${n}"
nixos: fix typos
2023-05-19 22:11:38 -04:00
echo "Shutting down internal ${n} interface"
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link set dev ${n} down || true
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
echo "Deleting flows for ${n}"
ovs-ofctl --protocols=${v.openFlowVersion} del-flows ${n} || true
echo "Deleting Open vSwitch ${n}"
ovs-vsctl --if-exists del-br ${n} || true
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
}
);
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
createBondDevice =
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
n: v:
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
nameValuePair "${n}-netdev" (
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
let
containers: Improve device dependency tracking Now the tracking works with aggregated devices on aggregated devices. So container with physical device where the device is put in a bond which is the basis for a bridge is now handled correctly.
2016-09-30 14:52:46 +02:00
deps = concatLists (map deviceDependency v.interfaces);
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
in
{
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
description = "Bond Interface ${n}";
network-interfaces-scripted: rework dependencies
2016-09-09 05:25:56 +02:00
wantedBy = [
"network-setup.service"
(subsystemDevice n)
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
];
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
bindsTo = deps;
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
after = [ "network-pre.target" ] ++ deps ++ map (i: "network-addresses-${i}.service") v.interfaces;
nixos/network-interfaces: cannot delay device units Systemd is complaining that it can't delay the startup of device units. We have a before dependency on the respective device unit for every netdev service, which doesn't make any sense because we create the actual interface in this service.
2017-09-24 16:01:07 +02:00
before = [ "network-setup.service" ];
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
path = [
iproute: deprecate alias
2021-03-14 17:05:16 +01:00
pkgs.iproute2
pkgs.gawk
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
];
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
script = ''
nixos/network-interfaces: Refactor scripts for reliability and dependency removal
2014-11-25 01:53:37 -08:00
echo "Destroying old bond ${n}..."
${destroyBond n}
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
nixos/network-interfaces: Refactor scripts for reliability and dependency removal
2014-11-25 01:53:37 -08:00
echo "Creating new bond ${n}..."
ip link add name "${n}" type bond \
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
${
let
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
opts = (mapAttrs (const toString) (bondDeprecation.filterDeprecated v)) // v.driverOptions;
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
in
networking.bonds: add support for arbitrary driverOptions Until now the four attributes available very selectively provided a small subset, while copying upstream documentation. We make driver options an arbitrary key-value set and point to kernel documentation, which is always up-to-date. This way every option can be set. The four already existing options are deprecated with a warning.
2017-02-02 22:21:03 +01:00
concatStringsSep "\n" (mapAttrsToList (set: val: " ${set} ${val} \\") opts)
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
}
nixos/network-interfaces: Refactor scripts for reliability and dependency removal
2014-11-25 01:53:37 -08:00
# !!! There must be a better way to wait for the interface
while [ ! -d "/sys/class/net/${n}" ]; do sleep 0.1; done;
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
# Bring up the bond and enslave the specified interfaces
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link set dev "${n}" up
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
${flip concatMapStrings v.interfaces (i: ''
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link set dev "${i}" down
ip link set dev "${i}" master "${n}"
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'')}
'';
nixos/network-interfaces: Refactor scripts for reliability and dependency removal
2014-11-25 01:53:37 -08:00
postStop = destroyBond n;
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
}
);
nixos/network-interfaces: Add maclvan support
2014-11-26 15:42:32 -08:00
createMacvlanDevice =
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
n: v:
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
nameValuePair "${n}-netdev" (
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
let
containers: Do not wait for udev for network devices Test that adding physical devices to containers works, find that network setup then doesn't work because there is no udev in the container to tell systemd that the device is present. Fixed by not depending on the device in the container. Activate the new container test for release Bonds, bridges and other network devices need the underlying not as dependency when used inside the container. Because the device is already there. But the address configuration needs the aggregated device itself.
2016-09-30 10:45:48 +02:00
deps = deviceDependency v.interface;
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
in
{
nixos/networking: fix macvlan service description Fix copy pasta from the vlan service: Vlan -> MACVLAN
2024-10-04 22:05:42 +02:00
description = "MACVLAN Interface ${n}";
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
wantedBy = [
"network-setup.service"
(subsystemDevice n)
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
];
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
bindsTo = deps;
after = [ "network-pre.target" ] ++ deps;
before = [ "network-setup.service" ];
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
path = [ pkgs.iproute2 ];
script = ''
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
# Remove Dead Interfaces
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}"
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
ip link add link "${v.interface}" name "${n}" type macvlan \
${optionalString (v.mode != null) "mode ${v.mode}"}
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
ip link set dev "${n}" up
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
fix comment
2018-08-13 20:38:32 +00:00
postStop = ''
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link delete dev "${n}" || true
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
'';
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
}
);
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
createFouEncapsulation =
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
n: v:
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
nameValuePair "${n}-fou-encap" (
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
let
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
# if we have a device to bind to we can wait for its addresses to be
# configured, otherwise external sequencing is required.
deps = optionals (v.local != null && v.local.dev != null) (
deviceDependency v.local.dev ++ [ "network-addresses-${v.local.dev}.service" ]
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
);
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
fouSpec = "port ${toString v.port} ${
if v.protocol != null then "ipproto ${toString v.protocol}" else "gue"
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
} ${
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
optionalString (v.local != null)
"local ${escapeShellArg v.local.address} ${
optionalString (v.local.dev != null) "dev ${escapeShellArg v.local.dev}"
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
}"
}";
in
{
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
description = "FOU endpoint ${n}";
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
wantedBy = [
network-interfaces-scripted: rework dependencies
2016-09-09 05:25:56 +02:00
"network-setup.service"
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
(subsystemDevice n)
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
];
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
bindsTo = deps;
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
after = [ "network-pre.target" ] ++ deps;
before = [ "network-setup.service" ];
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
path = [ pkgs.iproute2 ];
script = ''
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
# always remove previous incarnation since show can't filter
ip fou del ${fouSpec} >/dev/null 2>&1 || true
ip fou add ${fouSpec}
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
postStop = ''
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip fou del ${fouSpec} || true
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
}
);
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
createSitDevice =
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
n: v:
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
nameValuePair "${n}-netdev" (
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
let
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
deps = deviceDependency v.dev;
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
in
{
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
description = "6-to-4 Tunnel Interface ${n}";
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
wantedBy = [
network-interfaces-scripted: rework dependencies
2016-09-09 05:25:56 +02:00
"network-setup.service"
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
(subsystemDevice n)
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
];
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
bindsTo = deps;
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
after = [ "network-pre.target" ] ++ deps;
before = [ "network-setup.service" ];
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
path = [ pkgs.iproute2 ];
script = ''
# Remove Dead Interfaces
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}"
nixos/network-interfaces: Support mac address and mtu universally
2014-11-24 12:06:07 -08:00
ip link add name "${n}" type sit \
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
${optionalString (v.remote != null) "remote \"${v.remote}\""} \
${optionalString (v.local != null) "local \"${v.local}\""} \
${optionalString (v.ttl != null) "ttl ${toString v.ttl}"} \
nixos networking: add vswitch option Add a configuration option for Open vSwitch that is similar to the option for the Linux kernel ethernet bridge.
2015-09-22 15:49:17 +02:00
${optionalString (v.dev != null) "dev \"${v.dev}\""} \
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
${optionalString (v.encapsulation != null)
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
"encap ${v.encapsulation.type} encap-dport ${toString v.encapsulation.port} ${
nixos/networking: support FOU encapsulation for sits
2021-08-11 12:48:43 +02:00
optionalString (
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
v.encapsulation.sourcePort != null
nixos/networking: support FOU encapsulation for sits
2021-08-11 12:48:43 +02:00
) "encap-sport ${toString v.encapsulation.sourcePort}"
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
}"
}
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link set dev "${n}" up
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
postStop = ''
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link delete dev "${n}" || true
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
}
);
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
createGreDevice =
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
n: v:
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
nameValuePair "${n}-netdev" (
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
let
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
deps = deviceDependency v.dev;
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
ttlarg = if lib.hasPrefix "ip6" v.type then "hoplimit" else "ttl";
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
in
{
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
description = "GRE Tunnel Interface ${n}";
wantedBy = [
network-interfaces-scripted: rework dependencies
2016-09-09 05:25:56 +02:00
"network-setup.service"
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
(subsystemDevice n)
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
];
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
bindsTo = deps;
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
after = [ "network-pre.target" ] ++ deps;
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
before = [ "network-setup.service" ];
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
serviceConfig.Type = "oneshot";
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
serviceConfig.RemainAfterExit = true;
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
path = [ pkgs.iproute2 ];
script = ''
nixos/networking: add foo-over-udp endpoint support allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
2021-08-11 11:02:47 +02:00
# Remove Dead Interfaces
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}"
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
ip link add name "${n}" type ${v.type} \
${optionalString (v.remote != null) "remote \"${v.remote}\""} \
${optionalString (v.local != null) "local \"${v.local}\""} \
networking.greTunnels: Add ttl option
2022-03-22 20:24:25 +05:30
${optionalString (v.ttl != null) "${ttlarg} ${toString v.ttl}"} \
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
${optionalString (v.dev != null) "dev \"${v.dev}\""}
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link set dev "${n}" up
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
postStop = ''
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link delete dev "${n}" || true
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
}
);
nixos/network-interfaces: Add maclvan support
2014-11-26 15:42:32 -08:00
createVlanDevice =
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
n: v:
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
nameValuePair "${n}-netdev" (
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
let
containers: Do not wait for udev for network devices Test that adding physical devices to containers works, find that network setup then doesn't work because there is no udev in the container to tell systemd that the device is present. Fixed by not depending on the device in the container. Activate the new container test for release Bonds, bridges and other network devices need the underlying not as dependency when used inside the container. Because the device is already there. But the address configuration needs the aggregated device itself.
2016-09-30 10:45:48 +02:00
deps = deviceDependency v.interface;
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
in
{
nixos/networking: fix macvlan service description Fix copy pasta from the vlan service: Vlan -> MACVLAN
2024-10-04 22:05:42 +02:00
description = "VLAN Interface ${n}";
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
wantedBy = [
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
"network-setup.service"
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
(subsystemDevice n)
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
];
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
bindsTo = deps;
network-interfaces-scripted: rework dependencies
2016-09-09 05:25:56 +02:00
partOf = [ "network-setup.service" ];
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
after = [ "network-pre.target" ] ++ deps;
before = [ "network-setup.service" ];
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
path = [ pkgs.iproute2 ];
script = ''
# Remove Dead Interfaces
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}"
nixos/network-interfaces: Add maclvan support
2014-11-26 15:42:32 -08:00
ip link add link "${v.interface}" name "${n}" type vlan id "${toString v.id}"
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
openvswitch: better integration with systemd Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
2018-12-29 11:16:51 +01:00
# We try to bring up the logical VLAN interface. If the master
# interface the logical interface is dependent upon is not up yet we will
fix comment
2018-08-13 20:38:32 +00:00
# fail to immediately bring up the logical interface. The resulting logical
# interface will brought up later when the master interface is up.
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link set dev "${n}" up || true
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
postStop = ''
nixos: fix iproute2 invocations (#263976) When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0. This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help. I just encountered this bug using networking.bridges trying to create an interface named he. I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword. I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
2023-10-29 18:27:16 +01:00
ip link delete dev "${n}" || true
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
}
);
in
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
listToAttrs (
nixos/scripted-networking: use udev to configure link MACAddress and MTUBytes The `network-link-${i.name}` units raced with other things trying to configure the interface, or ran before the interface was available. Instead of running our own set of shell scripts on boot, and hoping they're executed at the right time, we can make use of udev to configure the interface *while they appear*, by providing `.link` files in /etc/systemd/network/*.link to set MACAddress and MTUBytes. This doesn't require networkd to be enabled, and is populated properly on non-networkd systems since https://github.com/NixOS/nixpkgs/pull/82941. This continues clean-up work done in https://github.com/NixOS/nixpkgs/pull/85170 for the scripted networking stack. The only leftover part of the `network-link-${i.name}` unit (bringing the interface up) is moved to the beginning of the `network-addresses-${i.name}` unit. Fixes: https://github.com/NixOS/nixpkgs/issues/74471 Closes: https://github.com/NixOS/nixpkgs/pull/87116
2020-05-17 21:57:01 +02:00
map configureAddrs interfaces ++ map createTunDevice (filter (i: i.virtual) interfaces)
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
)
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
// mapAttrs' createBridgeDevice cfg.bridges
// mapAttrs' createVswitchDevice cfg.vswitches
// mapAttrs' createBondDevice cfg.bonds
nixos/network-interfaces: Add maclvan support
2014-11-26 15:42:32 -08:00
// mapAttrs' createMacvlanDevice cfg.macvlans
// mapAttrs' createFouEncapsulation cfg.fooOverUDP
// mapAttrs' createSitDevice cfg.sits
nixos/networking: add options for configuring a GRE tunnel Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
2021-12-07 15:44:00 +00:00
// mapAttrs' createGreDevice cfg.greTunnels
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
// mapAttrs' createVlanDevice cfg.vlans
// {
treewide: remove redundant quotes
2019-08-13 21:52:01 +00:00
network-setup = networkSetup;
network-local-commands = networkLocalCommands;
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
};
services.udev.extraRules = ''
KERNEL=="tun", TAG+="systemd"
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00
'';
networking.bonds: add support for arbitrary driverOptions Until now the four attributes available very selectively provided a small subset, while copying upstream documentation. We make driver options an arbitrary key-value set and point to kernel documentation, which is always up-to-date. This way every option can be set. The four already existing options are deprecated with a warning.
2017-02-02 22:21:03 +01:00
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
};
networking.bonds: add support for arbitrary driverOptions Until now the four attributes available very selectively provided a small subset, while copying upstream documentation. We make driver options an arbitrary key-value set and point to kernel documentation, which is always up-to-date. This way every option can be set. The four already existing options are deprecated with a warning.
2017-02-02 22:21:03 +01:00
in
{
config = mkMerge [
bondWarnings
(mkIf (!cfg.useNetworkd) normalConfig)
nixos/network-interfaces: ensure slave interfaces are up Fixes #28620.
2017-09-24 16:54:48 +02:00
{
# Ensure slave interfaces are brought up
networking.interfaces = genAttrs slaves (i: { });
}
networking.bonds: add support for arbitrary driverOptions Until now the four attributes available very selectively provided a small subset, while copying upstream documentation. We make driver options an arbitrary key-value set and point to kernel documentation, which is always up-to-date. This way every option can be set. The four already existing options are deprecated with a warning.
2017-02-02 22:21:03 +01:00
];
nixos/network-interfaces: Provide a networkd implementation
2014-11-20 02:37:48 -08:00
}
Reference in a new issue Copy permalink