networking.useDHCP: disallow for networkd

This setting will be removed with the switch to systemd-networkd. The use of per interface config is encouraged instead.
2019-09-23 16:37:58 +02:00 · 2019-09-23 16:37:58 +02:00 · c26c6241ea
parent 5426932f7c
commit c26c6241ea
4 changed files with 28 additions and 9 deletions
--- a/nixos/modules/tasks/network-interfaces-systemd.nix
+++ b/nixos/modules/tasks/network-interfaces-systemd.nix
@ -38,6 +38,12 @@ in
    } {
      assertion = cfg.defaultGateway6 == null || cfg.defaultGateway6.interface == null;
      message = "networking.defaultGateway6.interface is not supported by networkd.";
+    } {
+      assertion = cfg.useDHCP == false;
+      message = ''
+        networking.useDHCP is not supported by networkd.
+        Please use per interface configuration and set the global option to false.
+      '';
    } ] ++ flip mapAttrsToList cfg.bridges (n: { rstp, ... }: {
      assertion = !rstp;
      message = "networking.bridges.${n}.rstp is not supported by networkd.";
@ -56,9 +62,7 @@ in
        genericNetwork = override:
          let gateway = optional (cfg.defaultGateway != null) cfg.defaultGateway.address
            ++ optional (cfg.defaultGateway6 != null) cfg.defaultGateway6.address;
-          in {
-            DHCP = override (dhcpStr cfg.useDHCP);
-          } // optionalAttrs (gateway != [ ]) {
+          in optionalAttrs (gateway != [ ]) {
            routes = override [
              {
                routeConfig = {
@ -97,7 +101,7 @@ in
        networks."40-${i.name}" = mkMerge [ (genericNetwork mkDefault) {
          name = mkDefault i.name;
          DHCP = mkForce (dhcpStr
-            (if i.useDHCP != null then i.useDHCP else cfg.useDHCP && interfaceIps i == [ ]));
+            (if i.useDHCP != null then i.useDHCP else false));
          address = forEach (interfaceIps i)
            (ip: "${ip.address}/${toString ip.prefixLength}");
          networkConfig.IPv6PrivacyExtensions = "kernel";
--- a/nixos/tests/networking.nix
+++ b/nixos/tests/networking.nix
@ -72,6 +72,7 @@ let
  testCases = {
    loopback = {
      name = "Loopback";
+      machine.networking.useDHCP = false;
      machine.networking.useNetworkd = networkd;
      testScript = ''
        startAll;
@ -139,14 +140,16 @@ let
        virtualisation.vlans = [ 1 2 ];
        networking = {
          useNetworkd = networkd;
-          useDHCP = true;
+          useDHCP = false;
          interfaces.eth1 = {
            ipv4.addresses = mkOverride 0 [ ];
            ipv6.addresses = mkOverride 0 [ ];
+            useDHCP = true;
          };
          interfaces.eth2 = {
            ipv4.addresses = mkOverride 0 [ ];
            ipv6.addresses = mkOverride 0 [ ];
+            useDHCP = true;
          };
        };
      };
@ -320,13 +323,19 @@ let
        virtualisation.vlans = [ 1 ];
        networking = {
          useNetworkd = networkd;
+          useDHCP = false;
          firewall.logReversePathDrops = true; # to debug firewall rules
          # reverse path filtering rules for the macvlan interface seem
          # to be incorrect, causing the test to fail. Disable temporarily.
          firewall.checkReversePath = false;
-          useDHCP = true;
          macvlans.macvlan.interface = "eth1";
-          interfaces.eth1.ipv4.addresses = mkOverride 0 [ ];
+          interfaces.eth1 = {
+            ipv4.addresses = mkOverride 0 [ ];
+            useDHCP = true;
+          };
+          interfaces.macvlan = {
+            useDHCP = true;
+          };
        };
      };
      testScript = { ... }:
@ -440,6 +449,7 @@ let
    virtual = {
      name = "Virtual";
      machine = {
+        networking.useNetworkd = networkd;
        networking.interfaces.tap0 = {
          ipv4.addresses = [ { address = "192.168.1.1"; prefixLength = 24; } ];
          ipv6.addresses = [ { address = "2001:1470:fffd:2096::"; prefixLength = 64; } ];
@ -489,6 +499,7 @@ let
        boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = true;
        networking = {
          useNetworkd = networkd;
+          useDHCP = false;
          interfaces.eth1.ipv6.addresses = singleton {
            address = "fd00:1234:5678:1::1";
            prefixLength = 64;
@ -514,11 +525,12 @@ let
        virtualisation.vlans = [ 1 ];
        networking = {
          useNetworkd = networkd;
-          useDHCP = true;
+          useDHCP = false;
          interfaces.eth1 = {
            preferTempAddress = true;
            ipv4.addresses = mkOverride 0 [ ];
            ipv6.addresses = mkOverride 0 [ ];
+            useDHCP = true;
          };
        };
      };
@ -526,11 +538,12 @@ let
        virtualisation.vlans = [ 1 ];
        networking = {
          useNetworkd = networkd;
-          useDHCP = true;
+          useDHCP = false;
          interfaces.eth1 = {
            preferTempAddress = false;
            ipv4.addresses = mkOverride 0 [ ];
            ipv6.addresses = mkOverride 0 [ ];
+            useDHCP = true;
          };
        };
      };
--- a/nixos/tests/predictable-interface-names.nix
+++ b/nixos/tests/predictable-interface-names.nix
@ -16,6 +16,7 @@ in pkgs.lib.listToAttrs (pkgs.lib.crossLists (predictable: withNetworkd: {
      networking.usePredictableInterfaceNames = lib.mkForce predictable;
      networking.useNetworkd = withNetworkd;
      networking.dhcpcd.enable = !withNetworkd;
+      networking.useDHCP = !withNetworkd;
    };

    testScript = ''
--- a/nixos/tests/systemd-networkd-wireguard.nix
+++ b/nixos/tests/systemd-networkd-wireguard.nix
@ -2,6 +2,7 @@ let generateNodeConf = { lib, pkgs, config, privkpath, pubk, peerId, nodeId, ...
      imports = [ common/user-account.nix ];
      systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
      networking.useNetworkd = true;
+      networking.useDHCP = false;
      networking.firewall.enable = false;
      virtualisation.vlans = [ 1 ];
      environment.systemPackages = with pkgs; [ wireguard-tools ];