Merge pull request #3747 from wkennington/master.explicit
nixos/network-interfaces: Allow explicit virtual interface type setting
commit
c3e7588367
1 changed files with 40 additions and 27 deletions
|
@ -138,8 +138,6 @@ let
|
||||||
Whether this interface is virtual and should be created by tunctl.
|
Whether this interface is virtual and should be created by tunctl.
|
||||||
This is mainly useful for creating bridges between a host a virtual
|
This is mainly useful for creating bridges between a host a virtual
|
||||||
network such as VPN or a virtual machine.
|
network such as VPN or a virtual machine.
|
||||||
|
|
||||||
Defaults to tap device, unless interface contains "tun" in its name.
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -151,6 +149,15 @@ let
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
virtualType = mkOption {
|
||||||
|
default = null;
|
||||||
|
type = types.nullOr (types.addCheck types.str (v: v == "tun" || v == "tap"));
|
||||||
|
description = ''
|
||||||
|
The explicit type of interface to create. Accepts tun or tap strings.
|
||||||
|
Also accepts null to implicitly detect the type of device.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
proxyARP = mkOption {
|
proxyARP = mkOption {
|
||||||
default = false;
|
default = false;
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
|
@ -673,22 +680,28 @@ in
|
||||||
'');
|
'');
|
||||||
};
|
};
|
||||||
|
|
||||||
createTunDevice = i: nameValuePair "${i.name}"
|
createTunDevice = i: nameValuePair "${i.name}-netdev"
|
||||||
{ description = "Virtual Network Interface ${i.name}";
|
{ description = "Virtual Network Interface ${i.name}";
|
||||||
requires = [ "dev-net-tun.device" ];
|
requires = [ "dev-net-tun.device" ];
|
||||||
after = [ "dev-net-tun.device" ];
|
after = [ "dev-net-tun.device" ];
|
||||||
wantedBy = [ "network.target" ];
|
wantedBy = [ "network.target" "sys-subsystem-net-devices-${i.name}.device" ];
|
||||||
requiredBy = [ "sys-subsystem-net-devices-${i.name}.device" ];
|
path = [ pkgs.iproute ];
|
||||||
serviceConfig =
|
serviceConfig = {
|
||||||
{ Type = "oneshot";
|
Type = "oneshot";
|
||||||
RemainAfterExit = true;
|
RemainAfterExit = true;
|
||||||
ExecStart = "${pkgs.tunctl}/bin/tunctl -t '${i.name}' -u '${i.virtualOwner}'";
|
};
|
||||||
ExecStop = "${pkgs.tunctl}/bin/tunctl -d '${i.name}'";
|
script = ''
|
||||||
};
|
ip tuntap add dev "${i.name}" \
|
||||||
|
${optionalString (i.virtualType != null) "mode ${i.virtualType}"} \
|
||||||
|
user "${i.virtualOwner}"
|
||||||
|
'';
|
||||||
|
postStop = ''
|
||||||
|
ip link del ${i.name}
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
createBridgeDevice = n: v:
|
createBridgeDevice = n: v: nameValuePair "${n}-netdev"
|
||||||
let
|
(let
|
||||||
deps = map (i: "sys-subsystem-net-devices-${i}.device") v.interfaces;
|
deps = map (i: "sys-subsystem-net-devices-${i}.device") v.interfaces;
|
||||||
in
|
in
|
||||||
{ description = "Bridge Interface ${n}";
|
{ description = "Bridge Interface ${n}";
|
||||||
|
@ -725,10 +738,10 @@ in
|
||||||
ip link set "${n}" down
|
ip link set "${n}" down
|
||||||
brctl delbr "${n}"
|
brctl delbr "${n}"
|
||||||
'';
|
'';
|
||||||
};
|
});
|
||||||
|
|
||||||
createBondDevice = n: v:
|
createBondDevice = n: v: nameValuePair "${n}-netdev"
|
||||||
let
|
(let
|
||||||
deps = map (i: "sys-subsystem-net-devices-${i}.device") v.interfaces;
|
deps = map (i: "sys-subsystem-net-devices-${i}.device") v.interfaces;
|
||||||
in
|
in
|
||||||
{ description = "Bond Interface ${n}";
|
{ description = "Bond Interface ${n}";
|
||||||
|
@ -764,10 +777,10 @@ in
|
||||||
ifenslave -d "${n}"
|
ifenslave -d "${n}"
|
||||||
ip link delete "${n}"
|
ip link delete "${n}"
|
||||||
'';
|
'';
|
||||||
};
|
});
|
||||||
|
|
||||||
createSitDevice = n: v:
|
createSitDevice = n: v: nameValuePair "${n}-netdev"
|
||||||
let
|
(let
|
||||||
deps = optional (v.dev != null) "sys-subsystem-net-devices-${v.dev}.device";
|
deps = optional (v.dev != null) "sys-subsystem-net-devices-${v.dev}.device";
|
||||||
in
|
in
|
||||||
{ description = "6-to-4 Tunnel Interface ${n}";
|
{ description = "6-to-4 Tunnel Interface ${n}";
|
||||||
|
@ -790,10 +803,10 @@ in
|
||||||
postStop = ''
|
postStop = ''
|
||||||
ip link delete "${n}"
|
ip link delete "${n}"
|
||||||
'';
|
'';
|
||||||
};
|
});
|
||||||
|
|
||||||
createVlanDevice = n: v:
|
createVlanDevice = n: v: nameValuePair "${n}-netdev"
|
||||||
let
|
(let
|
||||||
deps = [ "sys-subsystem-net-devices-${v.interface}.device" ];
|
deps = [ "sys-subsystem-net-devices-${v.interface}.device" ];
|
||||||
in
|
in
|
||||||
{ description = "Vlan Interface ${n}";
|
{ description = "Vlan Interface ${n}";
|
||||||
|
@ -812,15 +825,15 @@ in
|
||||||
postStop = ''
|
postStop = ''
|
||||||
ip link delete "${n}"
|
ip link delete "${n}"
|
||||||
'';
|
'';
|
||||||
};
|
});
|
||||||
|
|
||||||
in listToAttrs (
|
in listToAttrs (
|
||||||
map configureInterface interfaces ++
|
map configureInterface interfaces ++
|
||||||
map createTunDevice (filter (i: i.virtual) interfaces))
|
map createTunDevice (filter (i: i.virtual) interfaces))
|
||||||
// mapAttrs createBridgeDevice cfg.bridges
|
// mapAttrs' createBridgeDevice cfg.bridges
|
||||||
// mapAttrs createBondDevice cfg.bonds
|
// mapAttrs' createBondDevice cfg.bonds
|
||||||
// mapAttrs createSitDevice cfg.sits
|
// mapAttrs' createSitDevice cfg.sits
|
||||||
// mapAttrs createVlanDevice cfg.vlans
|
// mapAttrs' createVlanDevice cfg.vlans
|
||||||
// { "network-setup" = networkSetup; };
|
// { "network-setup" = networkSetup; };
|
||||||
|
|
||||||
# Set the host and domain names in the activation script. Don't
|
# Set the host and domain names in the activation script. Don't
|
||||||
|
|
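Review bot: The new `postStop` in `createTunDevice` interpolates the interface name unquoted (`ip link del ${i.name}`), while the `script` of the same unit and the bridge, bond, sit and vlan units on this page all quote it. These strings are spliced at evaluation time into a shell script run by a systemd system unit, so I would write `ip link del "${i.name}"` at minimum, and preferably pass `i.name` and `i.virtualOwner` through `escapeShellArg` (assuming `lib` is in scope in this file), because double quotes still let the shell expand `$` and backticks. Separately, `virtualType` defaults to `null` and then no `mode` argument is emitted; as far as I know `ip tuntap add` does not infer tun or tap from the device name the way the removed tunctl description says it did, so the default case should be tested or the default derived from the name.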