mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 21:50:33 +03:00

systemd: Enable more network services

William A. Kennington III 2014-11-19 13:11:30 -08:00
parent 08e74f2791
commit a332c4eac5
5 changed files with 112 additions and 19 deletions


@ -43,6 +43,10 @@ in
config = { config = {
warnings =
optional (config.services.resolved.enable && config.environment.etc ? "resolvconf.conf")
"Openresolv is disabled if resolved is used, so resolvconf.conf is not referenced.";
environment.etc = environment.etc =
{ # /etc/services: TCP/UDP port assignments. { # /etc/services: TCP/UDP port assignments.
"services".source = pkgs.iana_etc + "/etc/services"; "services".source = pkgs.iana_etc + "/etc/services";
@ -62,7 +66,16 @@ in
''} ''}
${cfg.extraHosts} ${cfg.extraHosts}
''; '';
} // (if config.services.resolved.enable && dnsmasqResolve then {
"dnsmasq-resolv.conf".source = "/run/systemd/resolve/resolv.conf";
} else {}) // (if config.services.resolved.enable then {
# /etc/resolv.conf: Configuration for systemd-resolved.
"resolv.conf" = if hasLocalResolver then {
text = "nameserver 127.0.0.1";
} else {
source = "/run/systemd/resolve/resolv.conf";
};
} else {
# /etc/resolvconf.conf: Configuration for openresolv. # /etc/resolvconf.conf: Configuration for openresolv.
"resolvconf.conf".text = "resolvconf.conf".text =
'' ''
@ -84,7 +97,7 @@ in
dnsmasq_conf=/etc/dnsmasq-conf.conf dnsmasq_conf=/etc/dnsmasq-conf.conf
dnsmasq_resolv=/etc/dnsmasq-resolv.conf dnsmasq_resolv=/etc/dnsmasq-resolv.conf
''; '';
}; });
# The ip-up target is started when we have IP connectivity. So # The ip-up target is started when we have IP connectivity. So
# services that depend on IP connectivity (like ntpd) should be # services that depend on IP connectivity (like ntpd) should be
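Review bot: The runtime path `/run/systemd/resolve/resolv.conf` is written out twice in the new `environment.etc` branches, once as the `dnsmasq-resolv.conf` source and once as the `resolv.conf` fallback, so a later edit can change one and miss the other. Binding it once, e.g. `resolvedConf = "/run/systemd/resolve/resolv.conf";` in the enclosing `let`, keeps the two in step. That file presumably exists only after systemd-resolved has started, so `/etc/resolv.conf` may be a dangling link early in boot; a comment such as `# dangling until systemd-resolved has written its runtime resolv.conf` would make that explicit. `hasLocalResolver` and `dnsmasqResolve` are defined outside the hunk.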


@ -82,7 +82,7 @@ in
systemd.services.dnsmasq = { systemd.services.dnsmasq = {
description = "dnsmasq daemon"; description = "dnsmasq daemon";
after = [ "network.target" ]; after = [ "network.target" "systemd-resolved.conf" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ dnsmasq ]; path = [ dnsmasq ];
preStart = '' preStart = ''
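Review bot: The new `after` entry names `systemd-resolved.conf`, which is not a unit name, so dnsmasq gets no ordering against the resolver that the rest of this commit starts. The line should read `after = [ "network.target" "systemd-resolved.service" ];`. Without it, dnsmasq can start before `/run/systemd/resolve/resolv.conf` (the new `dnsmasq-resolv.conf` source) has been written and come up without upstream servers. The `systemd.services.dnsmasq` attribute set continues outside the hunk.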


@ -140,6 +140,15 @@ in rec {
''; '';
}; };
requisite = mkOption {
default = [];
type = types.listOf types.str;
description = ''
Similar to requires. However if the units listed are not started,
they will not be started and the transaction will fail.
'';
};
unitConfig = mkOption { unitConfig = mkOption {
default = {}; default = {};
example = { RequiresMountsFor = "/data"; }; example = { RequiresMountsFor = "/data"; };
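Review bot: The description of the new `requisite` option is ambiguous about what fails, because "they will not be started" and "the transaction" have no clear subject. I would word it as `Similar to requires. However, if the listed units are not already started, they will not be started and starting this unit fails.` It is also worth adding one sentence that the option sets no ordering and is normally paired with `after`, as the `systemd-network-wait-online@` unit in this same commit does.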


@ -98,6 +98,9 @@ let
# Networking # Networking
"systemd-networkd.service" "systemd-networkd.service"
"systemd-networkd-wait-online.service"
"systemd-resolved.service"
"systemd-timesyncd.service"
# Filesystems. # Filesystems.
"systemd-fsck@.service" "systemd-fsck@.service"
@ -215,6 +218,8 @@ let
{ PartOf = toString config.partOf; } { PartOf = toString config.partOf; }
// optionalAttrs (config.conflicts != []) // optionalAttrs (config.conflicts != [])
{ Conflicts = toString config.conflicts; } { Conflicts = toString config.conflicts; }
// optionalAttrs (config.requisite != [])
{ Requisite = toString config.requisite; }
// optionalAttrs (config.restartTriggers != []) // optionalAttrs (config.restartTriggers != [])
{ X-Restart-Triggers = toString config.restartTriggers; } { X-Restart-Triggers = toString config.restartTriggers; }
// optionalAttrs (config.description != "") { // optionalAttrs (config.description != "") {
@ -568,8 +573,9 @@ let
mkdir -p $out/getty.target.wants/ mkdir -p $out/getty.target.wants/
ln -s ../autovt@tty1.service $out/getty.target.wants/ ln -s ../autovt@tty1.service $out/getty.target.wants/
ln -s ../local-fs.target ../remote-fs.target ../network.target ../nss-lookup.target \ ln -s ../local-fs.target ../remote-fs.target ../network.target \
../nss-user-lookup.target ../swap.target $out/multi-user.target.wants/ ../nss-lookup.target ../nss-user-lookup.target ../swap.target \
$out/multi-user.target.wants/
''} ''}
''; # */ ''; # */
@ -786,6 +792,22 @@ in
''; '';
}; };
services.resolved.enable = mkOption {
default = false;
type = types.bool;
description = ''
Enables the systemd dns resolver daemon.
'';
};
services.timesyncd.enable = mkOption {
default = false;
type = types.bool;
description = ''
Enables the systemd ntp client daemon.
'';
};
systemd.tmpfiles.rules = mkOption { systemd.tmpfiles.rules = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [];
@ -842,7 +864,7 @@ in
###### implementation ###### implementation
config = { config = mkMerge [ {
warnings = concatLists (mapAttrsToList (name: service: warnings = concatLists (mapAttrsToList (name: service:
optional (service.serviceConfig.Type or "" == "oneshot" && service.serviceConfig.Restart or "no" != "no") optional (service.serviceConfig.Type or "" == "oneshot" && service.serviceConfig.Restart or "no" != "no")
@ -949,14 +971,6 @@ in
users.extraUsers.systemd-journal-gateway.uid = config.ids.uids.systemd-journal-gateway; users.extraUsers.systemd-journal-gateway.uid = config.ids.uids.systemd-journal-gateway;
users.extraGroups.systemd-journal-gateway.gid = config.ids.gids.systemd-journal-gateway; users.extraGroups.systemd-journal-gateway.gid = config.ids.gids.systemd-journal-gateway;
# Networkd
users.extraUsers.systemd-network.uid = config.ids.uids.systemd-network;
users.extraGroups.systemd-network.gid = config.ids.gids.systemd-network;
systemd.services.systemd-networkd.wantedBy =
optional config.systemd.network.enable "multi-user.target";
systemd.services.systemd-networkd.restartTriggers =
[ config.environment.etc."systemd/network".source ];
# Generate timer units for all services that have a startAt value. # Generate timer units for all services that have a startAt value.
systemd.timers = systemd.timers =
mapAttrs (name: service: mapAttrs (name: service:
@ -990,5 +1004,62 @@ in
systemd.services.systemd-remount-fs.restartIfChanged = false; systemd.services.systemd-remount-fs.restartIfChanged = false;
systemd.services.systemd-journal-flush.restartIfChanged = false; systemd.services.systemd-journal-flush.restartIfChanged = false;
}; }
(mkIf config.systemd.network.enable {
users.extraUsers.systemd-network.uid = config.ids.uids.systemd-network;
users.extraGroups.systemd-network.gid = config.ids.gids.systemd-network;
systemd.services.systemd-networkd = {
wantedBy = [ "multi-user.target" ];
restartTriggers = [ config.environment.etc."systemd/network".source ];
};
systemd.services.systemd-networkd-wait-online.wantedBy = [ "network-online.target" ];
systemd.services."systemd-network-wait-online@" = {
description = "Wait for Network Interface %I to be Configured";
conflicts = [ "shutdown.target" ];
requisite = [ "systemd-networkd.service" ];
after = [ "systemd-networkd.service" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${config.systemd.package}/lib/systemd/systemd-networkd-wait-online -i %I";
};
};
services.resolved.enable = mkDefault true;
services.timesyncd.enable = mkDefault config.services.ntp.enable;
})
(mkIf config.services.resolved.enable {
users.extraUsers.systemd-resolve.uid = config.ids.uids.systemd-resolve;
users.extraGroups.systemd-resolve.gid = config.ids.gids.systemd-resolve;
systemd.services.systemd-resolved = {
wantedBy = [ "multi-user.target" ];
restartTriggers = [ config.environment.etc."systemd/resolved.conf".source ];
};
environment.etc."systemd/resolved.conf".text = ''
[Resolve]
DNS=${concatStringsSep " " config.networking.nameservers}
'';
})
(mkIf config.services.timesyncd.enable {
users.extraUsers.systemd-timesync.uid = config.ids.uids.systemd-timesync;
users.extraGroups.systemd-timesync.gid = config.ids.gids.systemd-timesync;
systemd.services.systemd-timesyncd = {
wantedBy = [ "sysinit.target" ];
restartTriggers = [ config.environment.etc."systemd/timesyncd.conf".source ];
};
environment.etc."systemd/timesyncd.conf".text = ''
[Time]
NTP=${concatStringsSep " " config.services.ntp.servers}
'';
systemd.services.ntpd.enable = false;
})
];
} }
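Review bot: Setting `systemd.network.enable` now also changes the DNS resolver and, when `services.ntp.enable` is set, the time client, through `services.resolved.enable = mkDefault true` and `services.timesyncd.enable = mkDefault config.services.ntp.enable` in the last hunk, yet neither option description says so. Both are trust-relevant defaults: resolved takes over `/etc/resolv.conf`, and the timesyncd block sets `systemd.services.ntpd.enable = false`. The `services.resolved.enable` description could read `Enables the systemd DNS resolver daemon. Enabled by default when systemd.network.enable is set; replaces openresolv for /etc/resolv.conf.`, with a matching sentence on `services.timesyncd.enable` noting that ntpd is disabled. Separately, the template unit is named `systemd-network-wait-online@` while the binary and the sibling unit are `systemd-networkd-wait-online`; if the missing `d` is not deliberate it is easier to fix now than after users reference the name.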


@ -581,8 +581,8 @@ in
{ description = "Networking Setup"; { description = "Networking Setup";
after = [ "network-interfaces.target" ]; after = [ "network-interfaces.target" ];
before = [ "network.target" ]; before = [ "network.target" "network-online.target" ];
wantedBy = [ "network.target" ]; wantedBy = [ "network.target" "network-online.target" ];
unitConfig.ConditionCapability = "CAP_NET_ADMIN"; unitConfig.ConditionCapability = "CAP_NET_ADMIN";
@ -592,7 +592,7 @@ in
serviceConfig.RemainAfterExit = true; serviceConfig.RemainAfterExit = true;
script = script =
'' (optionalString (!config.services.resolved.enable) ''
# Set the static DNS configuration, if given. # Set the static DNS configuration, if given.
${pkgs.openresolv}/sbin/resolvconf -m 1 -a static <<EOF ${pkgs.openresolv}/sbin/resolvconf -m 1 -a static <<EOF
${optionalString (cfg.nameservers != [] && cfg.domain != "") '' ${optionalString (cfg.nameservers != [] && cfg.domain != "") ''
@ -603,7 +603,7 @@ in
nameserver ${ns} nameserver ${ns}
'')} '')}
EOF EOF
'') + ''
# Disable or enable IPv6. # Disable or enable IPv6.
${optionalString (!config.boot.isContainer) '' ${optionalString (!config.boot.isContainer) ''
if [ -e /proc/sys/net/ipv6/conf/all/disable_ipv6 ]; then if [ -e /proc/sys/net/ipv6/conf/all/disable_ipv6 ]; then
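Review bot: When `services.resolved.enable` is set, the whole `resolvconf -a static` heredoc is skipped, so the `cfg.domain` handling visible inside it is no longer applied by anything shown in this commit. The generated `resolved.conf` carries only `DNS=` from `networking.nameservers`. If dropping the domain is intended, a comment above the `optionalString` would save the next reader the search, e.g. `# With resolved, nameservers come from resolved.conf; networking.domain is not applied.` If it is not intended, a `warnings` entry next to the existing `resolvconf.conf` one would at least surface it. The script body continues outside the hunk.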