alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity

nixos/networkd: reoder code to match networkd documentation

Browse source
This commit is contained in:
datafoo 2020-07-01 18:05:32 +02:00
parent e9d13d3751
commit bb3ba3e515
1 changed files with 874 additions and 862 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

610
nixos/modules/system/boot/networkd.nix
View file

@ -8,7 +8,11 @@ let
cfg = config.systemd.network;
checkLink = checkUnitConfig "Link" [
check = {
link = {
sectionLink = checkUnitConfig "Link" [
(assertOnlyFields [
"Description"
"Alias"
@ -74,8 +78,25 @@ let
(assertInt "RxBufferSize")
(assertInt "TxBufferSize")
];
};
checkNetdev = checkUnitConfig "Netdev" [
netdev = let
tunChecks = [
(assertOnlyFields [
"MultiQueue"
"PacketInfo"
"VNetHeader"
"User"
"Group"
])
(assertValueOneOf "MultiQueue" boolValues)
(assertValueOneOf "PacketInfo" boolValues)
(assertValueOneOf "VNetHeader" boolValues)
];
in {
sectionNetdev = checkUnitConfig "Netdev" [
(assertOnlyFields [
"Description"
"Name"
@ -124,46 +145,7 @@ let
(assertMacAddress "MACAddress")
];
checkVRF = checkUnitConfig "VRF" [
(assertOnlyFields [
"Table"
])
(assertInt "Table")
(assertMinimum "Table" 0)
];
# NOTE The PrivateKey directive is missing on purpose here, please
# do not add it to this list. The nix store is world-readable let's
# refrain ourselves from providing a footgun.
checkWireGuard = checkUnitConfig "WireGuard" [
(assertOnlyFields [
"PrivateKeyFile"
"ListenPort"
"FirewallMark"
])
# The following check won't work on nix <= 2.2
# see https://github.com/NixOS/nix/pull/2378
#
# Add this again when we'll have drop the
# nix < 2.2 support.
# (assertRange "FirewallMark" 1 4294967295)
];
# NOTE The PresharedKey directive is missing on purpose here, please
# do not add it to this list. The nix store is world-readable,let's
# refrain ourselves from providing a footgun.
checkWireGuardPeer = checkUnitConfig "WireGuardPeer" [
(assertOnlyFields [
"PublicKey"
"PresharedKeyFile"
"AllowedIPs"
"Endpoint"
"PersistentKeepalive"
])
(assertRange "PersistentKeepalive" 0 65535)
];
checkVlan = checkUnitConfig "VLAN" [
sectionVLAN = checkUnitConfig "VLAN" [
(assertOnlyFields [
"Id"
"GVRP"
@ -178,14 +160,14 @@ let
(assertValueOneOf "ReorderHeader" boolValues)
];
checkMacvlan = checkUnitConfig "MACVLAN" [
sectionMACVLAN = checkUnitConfig "MACVLAN" [
(assertOnlyFields [
"Mode"
])
(assertValueOneOf "Mode" ["private" "vepa" "bridge" "passthru"])
];
checkVxlan = checkUnitConfig "VXLAN" [
sectionVXLAN = checkUnitConfig "VXLAN" [
(assertOnlyFields [
"VNI"
"Remote"
@ -230,7 +212,7 @@ let
(assertValueOneOf "IPDoNotFragment" (boolValues + ["inherit"]))
];
checkTunnel = checkUnitConfig "Tunnel" [
sectionTunnel = checkUnitConfig "Tunnel" [
(assertOnlyFields [
"Local"
"Remote"
@ -272,7 +254,7 @@ let
(assertRange "ERSPANIndex" 1 1048575)
];
checkPeer = checkUnitConfig "Peer" [
sectionPeer = checkUnitConfig "Peer" [
(assertOnlyFields [
"Name"
"MACAddress"
@ -280,24 +262,42 @@ let
(assertMacAddress "MACAddress")
];
tunTapChecks = [
sectionTun = checkUnitConfig "Tun" tunChecks;
sectionTap = checkUnitConfig "Tap" tunChecks;
# NOTE The PrivateKey directive is missing on purpose here, please
# do not add it to this list. The nix store is world-readable let's
# refrain ourselves from providing a footgun.
sectionWireGuard = checkUnitConfig "WireGuard" [
(assertOnlyFields [
"MultiQueue"
"PacketInfo"
"VNetHeader"
"User"
"Group"
"PrivateKeyFile"
"ListenPort"
"FirewallMark"
])
(assertValueOneOf "MultiQueue" boolValues)
(assertValueOneOf "PacketInfo" boolValues)
(assertValueOneOf "VNetHeader" boolValues)
# The following check won't work on nix <= 2.2
# see https://github.com/NixOS/nix/pull/2378
#
# Add this again when we'll have drop the
# nix < 2.2 support.
# (assertRange "FirewallMark" 1 4294967295)
];
checkTun = checkUnitConfig "Tun" tunTapChecks;
# NOTE The PresharedKey directive is missing on purpose here, please
# do not add it to this list. The nix store is world-readable,let's
# refrain ourselves from providing a footgun.
sectionWireGuardPeer = checkUnitConfig "WireGuardPeer" [
(assertOnlyFields [
"PublicKey"
"PresharedKeyFile"
"AllowedIPs"
"Endpoint"
"PersistentKeepalive"
])
(assertRange "PersistentKeepalive" 0 65535)
];
checkTap = checkUnitConfig "Tap" tunTapChecks;
checkBond = checkUnitConfig "Bond" [
sectionBond = checkUnitConfig "Bond" [
(assertOnlyFields [
"Mode"
"TransmitHashPolicy"
@ -356,7 +356,7 @@ let
(assertMinimum "MinLinks" 0)
];
checkXfrm = checkUnitConfig "Xfrm" [
sectionXfrm = checkUnitConfig "Xfrm" [
(assertOnlyFields [
"InterfaceId"
"Independent"
@ -370,7 +370,47 @@ let
(assertValueOneOf "Independent" boolValues)
];
checkNetwork = checkUnitConfig "Network" [
sectionVRF = checkUnitConfig "VRF" [
(assertOnlyFields [
"Table"
])
(assertInt "Table")
(assertMinimum "Table" 0)
];
};
network = {
sectionLink = checkUnitConfig "Link" [
(assertOnlyFields [
"MACAddress"
"MTUBytes"
"ARP"
"Multicast"
"AllMulticast"
"Unmanaged"
"RequiredForOnline"
])
(assertMacAddress "MACAddress")
(assertByteFormat "MTUBytes")
(assertValueOneOf "ARP" boolValues)
(assertValueOneOf "Multicast" boolValues)
(assertValueOneOf "AllMulticast" boolValues)
(assertValueOneOf "Unmanaged" boolValues)
(assertValueOneOf "RequiredForOnline" (boolValues ++ [
"missing"
"off"
"no-carrier"
"dormant"
"degraded-carrier"
"carrier"
"degraded"
"enslaved"
"routable"
]))
];
sectionNetwork = checkUnitConfig "Network" [
(assertOnlyFields [
"Description"
"DHCP"
@ -452,7 +492,7 @@ let
(assertValueOneOf "KeepConfiguration" (boolValues ++ ["static" "dhcp-on-stop" "dhcp"]))
];
checkAddress = checkUnitConfig "Address" [
sectionAddress = checkUnitConfig "Address" [
(assertOnlyFields [
"Address"
"Peer"
@ -475,7 +515,7 @@ let
(assertValueOneOf "AutoJoin" boolValues)
];
checkRoutingPolicyRule = checkUnitConfig "RoutingPolicyRule" [
sectionRoutingPolicyRule = checkUnitConfig "RoutingPolicyRule" [
(assertOnlyFields [
"TypeOfService"
"From"
@ -510,7 +550,7 @@ let
(assertRange "SuppressPrefixLength" 0 128)
];
checkRoute = checkUnitConfig "Route" [
sectionRoute = checkUnitConfig "Route" [
(assertOnlyFields [
"Gateway"
"GatewayOnLink"
@ -556,7 +596,7 @@ let
(assertValueOneOf "IPServiceType" ["CS6" "CS4"])
];
checkDhcpV4 = checkUnitConfig "DHCPv4" [
sectionDHCPv4 = checkUnitConfig "DHCPv4" [
(assertOnlyFields [
"UseDNS"
"RoutesToDNS"
@ -617,7 +657,7 @@ let
(assertValueOneOf "SendDecline" boolValues)
];
checkDhcpV6 = checkUnitConfig "DHCPv6" [
sectionDHCPv6 = checkUnitConfig "DHCPv6" [
(assertOnlyFields [
"UseDNS"
"UseNTP"
@ -631,38 +671,7 @@ let
(assertValueOneOf "ForceDHCPv6PDOtherInformation" boolValues)
];
checkIpv6PrefixDelegation = checkUnitConfig "IPv6PrefixDelegation" [
(assertOnlyFields [
"Managed"
"OtherInformation"
"RouterLifetimeSec"
"RouterPreference"
"EmitDNS"
"DNS"
"EmitDomains"
"Domains"
"DNSLifetimeSec"
])
(assertValueOneOf "Managed" boolValues)
(assertValueOneOf "OtherInformation" boolValues)
(assertValueOneOf "RouterPreference" ["high" "medium" "low" "normal" "default"])
(assertValueOneOf "EmitDNS" boolValues)
(assertValueOneOf "EmitDomains" boolValues)
];
checkIpv6Prefix = checkUnitConfig "IPv6Prefix" [
(assertOnlyFields [
"AddressAutoconfiguration"
"OnLink"
"Prefix"
"PreferredLifetimeSec"
"ValidLifetimeSec"
])
(assertValueOneOf "AddressAutoconfiguration" boolValues)
(assertValueOneOf "OnLink" boolValues)
];
checkDhcpServer = checkUnitConfig "DHCPServer" [
sectionDHCPServer = checkUnitConfig "DHCPServer" [
(assertOnlyFields [
"PoolOffset"
"PoolSize"
@ -690,36 +699,40 @@ let
(assertValueOneOf "EmitTimezone" boolValues)
];
# .network files have a [Link] section with different options than in .link files
checkNetworkLink = checkUnitConfig "Link" [
sectionIPv6PrefixDelegation = checkUnitConfig "IPv6PrefixDelegation" [
(assertOnlyFields [
"MACAddress"
"MTUBytes"
"ARP"
"Multicast"
"AllMulticast"
"Unmanaged"
"RequiredForOnline"
"Managed"
"OtherInformation"
"RouterLifetimeSec"
"RouterPreference"
"EmitDNS"
"DNS"
"EmitDomains"
"Domains"
"DNSLifetimeSec"
])
(assertMacAddress "MACAddress")
(assertByteFormat "MTUBytes")
(assertValueOneOf "ARP" boolValues)
(assertValueOneOf "Multicast" boolValues)
(assertValueOneOf "AllMulticast" boolValues)
(assertValueOneOf "Unmanaged" boolValues)
(assertValueOneOf "RequiredForOnline" (boolValues ++ [
"missing"
"off"
"no-carrier"
"dormant"
"degraded-carrier"
"carrier"
"degraded"
"enslaved"
"routable"
]))
(assertValueOneOf "Managed" boolValues)
(assertValueOneOf "OtherInformation" boolValues)
(assertValueOneOf "RouterPreference" ["high" "medium" "low" "normal" "default"])
(assertValueOneOf "EmitDNS" boolValues)
(assertValueOneOf "EmitDomains" boolValues)
];
sectionIPv6Prefix = checkUnitConfig "IPv6Prefix" [
(assertOnlyFields [
"AddressAutoconfiguration"
"OnLink"
"Prefix"
"PreferredLifetimeSec"
"ValidLifetimeSec"
])
(assertValueOneOf "AddressAutoconfiguration" boolValues)
(assertValueOneOf "OnLink" boolValues)
];
};
};
commonNetworkOptions = {
enable = mkOption {
@ -764,7 +777,7 @@ let
linkConfig = mkOption {
default = {};
example = { MACAddress = "00:ff:ee:aa:cc:dd"; };
type = types.addCheck (types.attrsOf unitOption) checkLink;
type = types.addCheck (types.attrsOf unitOption) check.link.sectionLink;
description = ''
Each attribute in this set specifies an option in the
<literal>[Link]</literal> section of the unit. See
@ -775,12 +788,28 @@ let
};
wireguardPeerOptions = {
options = {
wireguardPeerConfig = mkOption {
default = {};
example = { };
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionWireGuardPeer;
description = ''
Each attribute in this set specifies an option in the
<literal>[WireGuardPeer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
};
netdevOptions = commonNetworkOptions // {
netdevConfig = mkOption {
default = {};
example = { Name = "mybridge"; Kind = "bridge"; };
type = types.addCheck (types.attrsOf unitOption) checkNetdev;
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionNetdev;
description = ''
Each attribute in this set specifies an option in the
<literal>[Netdev]</literal> section of the unit. See
@ -789,18 +818,87 @@ let
'';
};
vrfConfig = mkOption {
vlanConfig = mkOption {
default = {};
example = { Table = 2342; };
type = types.addCheck (types.attrsOf unitOption) checkVRF;
example = { Id = 4; };
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionVLAN;
description = ''
Each attribute in this set specifies an option in the
<literal>[VRF]</literal> section of the unit. See
<literal>[VLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
macvlanConfig = mkOption {
default = {};
example = { Mode = "private"; };
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionMACVLAN;
description = ''
Each attribute in this set specifies an option in the
<literal>[MACVLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vxlanConfig = mkOption {
default = {};
example = { Id = "4"; };
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionVXLAN;
description = ''
Each attribute in this set specifies an option in the
<literal>[VXLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunnelConfig = mkOption {
default = {};
example = { Remote = "192.168.1.1"; };
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionTunnel;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tunnel]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
peerConfig = mkOption {
default = {};
example = { Name = "veth2"; };
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionPeer;
description = ''
Each attribute in this set specifies an option in the
<literal>[Peer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunConfig = mkOption {
default = {};
example = { User = "openvpn"; };
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionTun;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tun]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tapConfig = mkOption {
default = {};
example = { User = "openvpn"; };
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionTap;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tap]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
A detailed explanation about how VRFs work can be found in the
<link xlink:href="https://www.kernel.org/doc/Documentation/networking/vrf.txt">kernel
docs</link>.
'';
};
@ -811,7 +909,7 @@ let
ListenPort = 51820;
FwMark = 42;
};
type = types.addCheck (types.attrsOf unitOption) checkWireGuard;
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionWireGuard;
description = ''
Each attribute in this set specifies an option in the
<literal>[WireGuard]</literal> section of the unit. See
@ -844,94 +942,10 @@ let
'';
};
vlanConfig = mkOption {
default = {};
example = { Id = 4; };
type = types.addCheck (types.attrsOf unitOption) checkVlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[VLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
macvlanConfig = mkOption {
default = {};
example = { Mode = "private"; };
type = types.addCheck (types.attrsOf unitOption) checkMacvlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[MACVLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vxlanConfig = mkOption {
default = {};
example = { Id = "4"; };
type = types.addCheck (types.attrsOf unitOption) checkVxlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[VXLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunnelConfig = mkOption {
default = {};
example = { Remote = "192.168.1.1"; };
type = types.addCheck (types.attrsOf unitOption) checkTunnel;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tunnel]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
peerConfig = mkOption {
default = {};
example = { Name = "veth2"; };
type = types.addCheck (types.attrsOf unitOption) checkPeer;
description = ''
Each attribute in this set specifies an option in the
<literal>[Peer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunConfig = mkOption {
default = {};
example = { User = "openvpn"; };
type = types.addCheck (types.attrsOf unitOption) checkTun;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tun]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tapConfig = mkOption {
default = {};
example = { User = "openvpn"; };
type = types.addCheck (types.attrsOf unitOption) checkTap;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tap]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
bondConfig = mkOption {
default = {};
example = { Mode = "802.3ad"; };
type = types.addCheck (types.attrsOf unitOption) checkBond;
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionBond;
description = ''
Each attribute in this set specifies an option in the
<literal>[Bond]</literal> section of the unit. See
@ -943,7 +957,7 @@ let
xfrmConfig = mkOption {
default = {};
example = { InterfaceId = 1; };
type = types.addCheck (types.attrsOf unitOption) checkXfrm;
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionXfrm;
description = ''
Each attribute in this set specifies an option in the
<literal>[Xfrm]</literal> section of the unit. See
@ -952,6 +966,21 @@ let
'';
};
vrfConfig = mkOption {
default = {};
example = { Table = 2342; };
type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionVRF;
description = ''
Each attribute in this set specifies an option in the
<literal>[VRF]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
A detailed explanation about how VRFs work can be found in the
<link xlink:href="https://www.kernel.org/doc/Documentation/networking/vrf.txt">kernel
docs</link>.
'';
};
};
addressOptions = {
@ -959,7 +988,7 @@ let
addressConfig = mkOption {
default = {};
example = { Address = "192.168.0.100/24"; };
type = types.addCheck (types.attrsOf unitOption) checkAddress;
type = types.addCheck (types.attrsOf unitOption) check.network.sectionAddress;
description = ''
Each attribute in this set specifies an option in the
<literal>[Address]</literal> section of the unit. See
@ -975,7 +1004,7 @@ let
routingPolicyRuleConfig = mkOption {
default = { };
example = { routingPolicyRuleConfig = { Table = 10; IncomingInterface = "eth1"; Family = "both"; } ;};
type = types.addCheck (types.attrsOf unitOption) checkRoutingPolicyRule;
type = types.addCheck (types.attrsOf unitOption) check.network.sectionRoutingPolicyRule;
description = ''
Each attribute in this set specifies an option in the
<literal>[RoutingPolicyRule]</literal> section of the unit. See
@ -991,7 +1020,7 @@ let
routeConfig = mkOption {
default = {};
example = { Gateway = "192.168.0.1"; };
type = types.addCheck (types.attrsOf unitOption) checkRoute;
type = types.addCheck (types.attrsOf unitOption) check.network.sectionRoute;
description = ''
Each attribute in this set specifies an option in the
<literal>[Route]</literal> section of the unit. See
@ -1002,28 +1031,12 @@ let
};
};
wireguardPeerOptions = {
options = {
wireguardPeerConfig = mkOption {
default = {};
example = { };
type = types.addCheck (types.attrsOf unitOption) checkWireGuardPeer;
description = ''
Each attribute in this set specifies an option in the
<literal>[WireGuardPeer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
};
ipv6PrefixOptions = {
options = {
ipv6PrefixConfig = mkOption {
default = {};
example = { Prefix = "fd00::/64"; };
type = types.addCheck (types.attrsOf unitOption) checkIpv6Prefix;
type = types.addCheck (types.attrsOf unitOption) check.network.sectionIPv6Prefix;
description = ''
Each attribute in this set specifies an option in the
<literal>[IPv6Prefix]</literal> section of the unit. See
@ -1034,13 +1047,24 @@ let
};
};
networkOptions = commonNetworkOptions // {
linkConfig = mkOption {
default = {};
example = { Unmanaged = true; };
type = types.addCheck (types.attrsOf unitOption) check.network.sectionLink;
description = ''
Each attribute in this set specifies an option in the
<literal>[Link]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
networkConfig = mkOption {
default = {};
example = { Description = "My Network"; };
type = types.addCheck (types.attrsOf unitOption) checkNetwork;
type = types.addCheck (types.attrsOf unitOption) check.network.sectionNetwork;
description = ''
Each attribute in this set specifies an option in the
<literal>[Network]</literal> section of the unit. See
@ -1059,7 +1083,7 @@ let
dhcpV4Config = mkOption {
default = {};
example = { UseDNS = true; UseRoutes = true; };
type = types.addCheck (types.attrsOf unitOption) checkDhcpV4;
type = types.addCheck (types.attrsOf unitOption) check.network.sectionDHCPv4;
description = ''
Each attribute in this set specifies an option in the
<literal>[DHCPv4]</literal> section of the unit. See
@ -1071,7 +1095,7 @@ let
dhcpV6Config = mkOption {
default = {};
example = { UseDNS = true; UseRoutes = true; };
type = types.addCheck (types.attrsOf unitOption) checkDhcpV6;
type = types.addCheck (types.attrsOf unitOption) check.network.sectionDHCPv6;
description = ''
Each attribute in this set specifies an option in the
<literal>[DHCPv6]</literal> section of the unit. See
@ -1080,10 +1104,22 @@ let
'';
};
dhcpServerConfig = mkOption {
default = {};
example = { PoolOffset = 50; EmitDNS = false; };
type = types.addCheck (types.attrsOf unitOption) check.network.sectionDHCPServer;
description = ''
Each attribute in this set specifies an option in the
<literal>[DHCPServer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
ipv6PrefixDelegationConfig = mkOption {
default = {};
example = { EmitDNS = true; Managed = true; OtherInformation = true; };
type = types.addCheck (types.attrsOf unitOption) checkIpv6PrefixDelegation;
type = types.addCheck (types.attrsOf unitOption) check.network.sectionIPv6PrefixDelegation;
description = ''
Each attribute in this set specifies an option in the
<literal>[IPv6PrefixDelegation]</literal> section of the unit. See
@ -1103,30 +1139,6 @@ let
'';
};
dhcpServerConfig = mkOption {
default = {};
example = { PoolOffset = 50; EmitDNS = false; };
type = types.addCheck (types.attrsOf unitOption) checkDhcpServer;
description = ''
Each attribute in this set specifies an option in the
<literal>[DHCPServer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
linkConfig = mkOption {
default = {};
example = { Unmanaged = true; };
type = types.addCheck (types.attrsOf unitOption) checkNetworkLink;
description = ''
Each attribute in this set specifies an option in the
<literal>[Link]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
name = mkOption {
type = types.nullOr types.str;
default = null;
@ -1374,6 +1386,16 @@ let
${attrsToSection def.tapConfig}
''}
${optionalString (def.wireguardConfig != { }) ''
[WireGuard]
${attrsToSection def.wireguardConfig}
''}
${flip concatMapStrings def.wireguardPeers (x: ''
[WireGuardPeer]
${attrsToSection x.wireguardPeerConfig}
'')}
${optionalString (def.bondConfig != { }) ''
[Bond]
${attrsToSection def.bondConfig}
@ -1389,16 +1411,6 @@ let
${attrsToSection def.vrfConfig}
''}
${optionalString (def.wireguardConfig != { }) ''
[WireGuard]
${attrsToSection def.wireguardConfig}
''}
${flip concatMapStrings def.wireguardPeers (x: ''
[WireGuardPeer]
${attrsToSection x.wireguardPeerConfig}
'')}
${def.extraConfig}
'';
};
@ -1428,6 +1440,21 @@ let
${concatStringsSep "\n" (map (s: "Tunnel=${s}") def.tunnel)}
${concatStringsSep "\n" (map (s: "Xfrm=${s}") def.xfrm)}
${flip concatMapStrings def.addresses (x: ''
[Address]
${attrsToSection x.addressConfig}
'')}
${flip concatMapStrings def.routingPolicyRules (x: ''
[RoutingPolicyRule]
${attrsToSection x.routingPolicyRuleConfig}
'')}
${flip concatMapStrings def.routes (x: ''
[Route]
${attrsToSection x.routeConfig}
'')}
${optionalString (def.dhcpV4Config != { }) ''
[DHCPv4]
${attrsToSection def.dhcpV4Config}
@ -1437,6 +1464,11 @@ let
[DHCPv6]
${attrsToSection def.dhcpV6Config}
''}
${optionalString (def.dhcpServerConfig != { }) ''
[DHCPServer]
${attrsToSection def.dhcpServerConfig}
''}
${optionalString (def.ipv6PrefixDelegationConfig != {}) ''
[IPv6PrefixDelegation]
@ -1447,26 +1479,6 @@ let
[IPv6Prefix]
${attrsToSection x.ipv6PrefixConfig}
'')}
${optionalString (def.dhcpServerConfig != { }) ''
[DHCPServer]
${attrsToSection def.dhcpServerConfig}
''}
${flip concatMapStrings def.addresses (x: ''
[Address]
${attrsToSection x.addressConfig}
'')}
${flip concatMapStrings def.routes (x: ''
[Route]
${attrsToSection x.routeConfig}
'')}
${flip concatMapStrings def.routingPolicyRules (x: ''
[RoutingPolicyRule]
${attrsToSection x.routingPolicyRuleConfig}
'')}
${def.extraConfig}
'';