Merge pull request #82026 from andir/systemd-update-networkd-options

nixos/networkd: update configuration options
Florian Klink 2020-05-01 13:49:24 +02:00 committed by GitHub
commit 0a98d10850
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 149 additions and 15 deletions


@ -290,6 +290,27 @@ php.override {
has been set to <literal>true</literal>. has been set to <literal>true</literal>.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
The <literal>systemd-networkd</literal> option
<literal>systemd.network.networks.&lt;name&gt;.dhcp.CriticalConnection</literal>
has been removed following upstream systemd's deprecation of the same. It is recommended to use
<literal>systemd.network.networks.&lt;name&gt;.networkConfig.KeepConfiguration</literal> instead.
See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
</para>
</listitem>
<listitem>
<para>
The <literal>systemd-networkd</literal> option
<literal>systemd.network.networks._name_.dhcpConfig</literal>
has been renamed to
<xref linkend="opt-systemd.network.networks._name_.dhcpV4Config"/>
following upstream systemd's documentation change.
See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>


@ -205,7 +205,7 @@ let
"IPv6HopLimit" "IPv4ProxyARP" "IPv6ProxyNDP" "IPv6ProxyNDPAddress" "IPv6HopLimit" "IPv4ProxyARP" "IPv6ProxyNDP" "IPv6ProxyNDPAddress"
"IPv6PrefixDelegation" "IPv6MTUBytes" "Bridge" "Bond" "VRF" "VLAN" "IPv6PrefixDelegation" "IPv6MTUBytes" "Bridge" "Bond" "VRF" "VLAN"
"IPVLAN" "MACVLAN" "VXLAN" "Tunnel" "ActiveSlave" "PrimarySlave" "IPVLAN" "MACVLAN" "VXLAN" "Tunnel" "ActiveSlave" "PrimarySlave"
"ConfigureWithoutCarrier" "Xfrm" "ConfigureWithoutCarrier" "Xfrm" "KeepConfiguration"
]) ])
# Note: For DHCP the values both, none, v4, v6 are deprecated # Note: For DHCP the values both, none, v4, v6 are deprecated
(assertValueOneOf "DHCP" ["yes" "no" "ipv4" "ipv6" "both" "none" "v4" "v6"]) (assertValueOneOf "DHCP" ["yes" "no" "ipv4" "ipv6" "both" "none" "v4" "v6"])
@ -228,6 +228,7 @@ let
(assertValueOneOf "ActiveSlave" boolValues) (assertValueOneOf "ActiveSlave" boolValues)
(assertValueOneOf "PrimarySlave" boolValues) (assertValueOneOf "PrimarySlave" boolValues)
(assertValueOneOf "ConfigureWithoutCarrier" boolValues) (assertValueOneOf "ConfigureWithoutCarrier" boolValues)
(assertValueOneOf "KeepConfiguration" (boolValues ++ ["static" "dhcp-on-stop" "dhcp"]))
]; ];
checkAddress = checkUnitConfig "Address" [ checkAddress = checkUnitConfig "Address" [
@ -274,15 +275,16 @@ let
]) ])
]; ];
checkDhcp = checkUnitConfig "DHCP" [ checkDhcpV4 = checkUnitConfig "DHCPv4" [
(assertOnlyFields [ (assertOnlyFields [
"UseDNS" "UseNTP" "UseMTU" "Anonymize" "SendHostname" "UseHostname" "UseDNS" "RoutesToDNS" "UseNTP" "UseMTU" "Anonymize" "SendHostname" "UseHostname"
"Hostname" "UseDomains" "UseRoutes" "UseTimezone" "CriticalConnection" "Hostname" "UseDomains" "UseRoutes" "UseTimezone"
"ClientIdentifier" "VendorClassIdentifier" "UserClass" "DUIDType" "ClientIdentifier" "VendorClassIdentifier" "UserClass" "MaxAttempts"
"DUIDRawData" "IAID" "RequestBroadcast" "RouteMetric" "RouteTable" "DUIDType" "DUIDRawData" "IAID" "RequestBroadcast" "RouteMetric" "RouteTable"
"ListenPort" "RapidCommit" "ListenPort" "SendRelease"
]) ])
(assertValueOneOf "UseDNS" boolValues) (assertValueOneOf "UseDNS" boolValues)
(assertValueOneOf "RoutesToDNS" boolValues)
(assertValueOneOf "UseNTP" boolValues) (assertValueOneOf "UseNTP" boolValues)
(assertValueOneOf "UseMTU" boolValues) (assertValueOneOf "UseMTU" boolValues)
(assertValueOneOf "Anonymize" boolValues) (assertValueOneOf "Anonymize" boolValues)
@ -291,13 +293,50 @@ let
(assertValueOneOf "UseDomains" ["yes" "no" "route"]) (assertValueOneOf "UseDomains" ["yes" "no" "route"])
(assertValueOneOf "UseRoutes" boolValues) (assertValueOneOf "UseRoutes" boolValues)
(assertValueOneOf "UseTimezone" boolValues) (assertValueOneOf "UseTimezone" boolValues)
(assertValueOneOf "CriticalConnection" boolValues) (assertMinimum "MaxAttempts" 0)
(assertValueOneOf "RequestBroadcast" boolValues) (assertValueOneOf "RequestBroadcast" boolValues)
(assertInt "RouteTable") (assertInt "RouteTable")
(assertMinimum "RouteTable" 0) (assertMinimum "RouteTable" 0)
(assertValueOneOf "RapidCommit" boolValues) (assertValueOneOf "SendRelease" boolValues)
]; ];
checkDhcpV6 = checkUnitConfig "DHCPv6" [
(assertOnlyFields [
"UseDns" "UseNTP" "RapidCommit" "ForceDHCPv6PDOtherInformation"
"PrefixDelegationHint"
])
(assertValueOneOf "UseDNS" boolValues)
(assertValueOneOf "UseNTP" boolValues)
(assertValueOneOf "RapidCommit" boolValues)
(assertValueOneOf "ForceDHCPv6PDOtherInformation" boolValues)
];
checkIpv6PrefixDelegation = checkUnitConfig "IPv6PrefixDelegation" [
(assertOnlyFields [
"Managed" "OtherInformation" "RouterLifetimeSec"
"RouterPreference" "EmitDNS" "DNS" "EmitDomains" "Domains"
"DNSLifetimeSec"
])
(assertValueOneOf "Managed" boolValues)
(assertValueOneOf "OtherInformation" boolValues)
(assertValueOneOf "RouterPreference" ["high" "medium" "low" "normal" "default"])
(assertValueOneOf "EmitDNS" boolValues)
(assertValueOneOf "EmitDomains" boolValues)
(assertMinimum "DNSLifetimeSec" 0)
];
checkIpv6Prefix = checkUnitConfig "IPv6Prefix" [
(assertOnlyFields [
"AddressAutoconfiguration" "OnLink" "Prefix"
"PreferredLifetimeSec" "ValidLifetimeSec"
])
(assertValueOneOf "AddressAutoconfiguration" boolValues)
(assertValueOneOf "OnLink" boolValues)
(assertMinimum "PreferredLifetimeSec" 0)
(assertMinimum "ValidLifetimeSec" 0)
];
checkDhcpServer = checkUnitConfig "DHCPServer" [ checkDhcpServer = checkUnitConfig "DHCPServer" [
(assertOnlyFields [ (assertOnlyFields [
"PoolOffset" "PoolSize" "DefaultLeaseTimeSec" "MaxLeaseTimeSec" "PoolOffset" "PoolSize" "DefaultLeaseTimeSec" "MaxLeaseTimeSec"
@ -621,6 +660,22 @@ let
}; };
}; };
ipv6PrefixOptions = {
options = {
ipv6PrefixConfig = mkOption {
default = {};
example = { Prefix = "fd00::/64"; };
type = types.addCheck (types.attrsOf unitOption) checkIpv6Prefix;
description = ''
Each attribute in this set specifies an option in the
<literal>[IPv6Prefix]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
};
networkOptions = commonNetworkOptions // { networkOptions = commonNetworkOptions // {
@ -636,13 +691,55 @@ let
''; '';
}; };
# systemd.network.networks.*.dhcpConfig has been deprecated in favor of ….dhcpV4Config
# Produce a nice warning message so users know it is gone.
dhcpConfig = mkOption { dhcpConfig = mkOption {
visible = false;
apply = _: throw "The option `systemd.network.networks.*.dhcpConfig` can no longer be used since it's been removed. Please use `systemd.network.networks.*.dhcpV4Config` instead.";
};
dhcpV4Config = mkOption {
default = {}; default = {};
example = { UseDNS = true; UseRoutes = true; }; example = { UseDNS = true; UseRoutes = true; };
type = types.addCheck (types.attrsOf unitOption) checkDhcp; type = types.addCheck (types.attrsOf unitOption) checkDhcpV4;
description = '' description = ''
Each attribute in this set specifies an option in the Each attribute in this set specifies an option in the
<literal>[DHCP]</literal> section of the unit. See <literal>[DHCPv4]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
dhcpV6Config = mkOption {
default = {};
example = { UseDNS = true; UseRoutes = true; };
type = types.addCheck (types.attrsOf unitOption) checkDhcpV6;
description = ''
Each attribute in this set specifies an option in the
<literal>[DHCPv6]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
ipv6PrefixDelegationConfig = mkOption {
default = {};
example = { EmitDNS = true; Managed = true; OtherInformation = true; };
type = types.addCheck (types.attrsOf unitOption) checkIpv6PrefixDelegation;
description = ''
Each attribute in this set specifies an option in the
<literal>[IPv6PrefixDelegation]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
ipv6Prefixes = mkOption {
default = [];
example = { AddressAutoconfiguration = true; OnLink = true; };
type = with types; listOf (submodule ipv6PrefixOptions);
description = ''
A list of ipv6Prefix sections to be added to the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle> <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details. <manvolnum>5</manvolnum></citerefentry> for details.
''; '';
@ -973,11 +1070,26 @@ let
${concatStringsSep "\n" (map (s: "Tunnel=${s}") def.tunnel)} ${concatStringsSep "\n" (map (s: "Tunnel=${s}") def.tunnel)}
${concatStringsSep "\n" (map (s: "Xfrm=${s}") def.xfrm)} ${concatStringsSep "\n" (map (s: "Xfrm=${s}") def.xfrm)}
${optionalString (def.dhcpConfig != { }) '' ${optionalString (def.dhcpV4Config != { }) ''
[DHCP] [DHCPv4]
${attrsToSection def.dhcpConfig} ${attrsToSection def.dhcpV4Config}
''} ''}
${optionalString (def.dhcpV6Config != {}) ''
[DHCPv6]
${attrsToSection def.dhcpV6Config}
''}
${optionalString (def.ipv6PrefixDelegationConfig != {}) ''
[IPv6PrefixDelegation]
${attrsToSection def.ipv6PrefixDelegationConfig}
''}
${flip concatMapStrings def.ipv6Prefixes (x: ''
[IPv6Prefix]
${attrsToSection x.ipv6PrefixConfig}
'')}
${optionalString (def.dhcpServerConfig != { }) '' ${optionalString (def.dhcpServerConfig != { }) ''
[DHCPServer] [DHCPServer]
${attrsToSection def.dhcpServerConfig} ${attrsToSection def.dhcpServerConfig}
@ -1054,6 +1166,7 @@ in
}; };
config = mkMerge [ config = mkMerge [
# .link units are honored by udev, no matter if systemd-networkd is enabled or not. # .link units are honored by udev, no matter if systemd-networkd is enabled or not.
{ {
systemd.network.units = mapAttrs' (n: v: nameValuePair "${n}.link" (linkToUnit n v)) cfg.links; systemd.network.units = mapAttrs' (n: v: nameValuePair "${n}.link" (linkToUnit n v)) cfg.links;
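Review bot: In `checkDhcpV6` the `assertOnlyFields` list spells the key `"UseDns"` while the value check directly under it tests `"UseDNS"`, so `dhcpV6Config.UseDNS` is rejected as an unknown field and the boolean check never applies to the spelling that is accepted. The list entry should read `"UseDNS" "UseNTP" "RapidCommit" "ForceDHCPv6PDOtherInformation"`. This is more than a typo: a user who works around the error by writing `UseDns = false` gets a key that networkd presumably does not recognise, so the host may keep accepting DHCPv6-supplied DNS servers while the configuration looks hardened. The `dhcpV6Config` example `{ UseDNS = true; UseRoutes = true; }` fails the same check on both keys, since `UseRoutes` is not in the DHCPv6 list; `example = { UseDNS = true; UseNTP = true; };` would match once the list is fixed.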


@ -546,7 +546,7 @@ in
Note that this option might require to do some adjustments to the container configuration, Note that this option might require to do some adjustments to the container configuration,
e.g. you might want to set e.g. you might want to set
<varname>systemd.network.networks.$interface.dhcpConfig.ClientIdentifier</varname> to "mac" <varname>systemd.network.networks.$interface.dhcpV4Config.ClientIdentifier</varname> to "mac"
if you use <varname>macvlans</varname> option. if you use <varname>macvlans</varname> option.
This way dhcp client identifier will be stable between the container restarts. This way dhcp client identifier will be stable between the container restarts.