mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-20 04:31:52 +00:00
nixos/network-interfaces: Add support for multiple ipv4 / ipv6 addresses
This commit is contained in:
William A. Kennington III
parent
4280305a41
commit
098c8f4c77
|
|
@ -11,7 +11,7 @@ let
|
|||
# Don't start dhcpcd on explicitly configured interfaces or on
|
||||
# interfaces that are part of a bridge, bond or sit device.
|
||||
ignoredInterfaces =
|
||||
map (i: i.name) (filter (i: i.ipAddress != null) (attrValues config.networking.interfaces))
|
||||
map (i: i.name) (filter (i: i.ip4 != [ ]) (attrValues config.networking.interfaces))
|
||||
++ mapAttrsToList (i: _: i) config.networking.sits
|
||||
++ concatLists (attrValues (mapAttrs (n: v: v.interfaces) config.networking.bridges))
|
||||
++ concatLists (attrValues (mapAttrs (n: v: v.interfaces) config.networking.bonds))
|
||||
|
|
|
|||
|
|
@ -10,6 +10,26 @@ let
|
|||
hasSits = cfg.sits != { };
|
||||
hasBonds = cfg.bonds != { };
|
||||
|
||||
addrOpts = v:
|
||||
assert v == 4 || v == 6;
|
||||
{
|
||||
address = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
IPv${toString v} address of the interface. Leave empty to configure the
|
||||
interface using DHCP.
|
||||
'';
|
||||
};
|
||||
|
||||
prefixLength = mkOption {
|
||||
type = types.addCheck types.int (n: n >= 0 && n <= (if v == 4 then 32 else 128));
|
||||
description = ''
|
||||
Subnet mask of the interface, specified as the number of
|
||||
bits in the prefix (<literal>${if v == 4 then "24" else "64"}</literal>).
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
interfaceOpts = { name, ... }: {
|
||||
|
||||
options = {
|
||||
|
|
@ -20,54 +40,64 @@ let
|
|||
description = "Name of the interface.";
|
||||
};
|
||||
|
||||
ip4 = mkOption {
|
||||
default = [ ];
|
||||
example = [
|
||||
{ address = "10.0.0.1"; prefixLength = 16; }
|
||||
{ address = "192.168.1.1"; prefixLength = 24; }
|
||||
];
|
||||
type = types.listOf types.optionSet;
|
||||
options = addrOpts 4;
|
||||
description = ''
|
||||
List of IPv4 addresses that will be statically assigned to the interface.
|
||||
'';
|
||||
};
|
||||
|
||||
ip6 = mkOption {
|
||||
default = [ ];
|
||||
example = [
|
||||
{ address = "fdfd:b3f0:482::1"; prefixLength = 48; }
|
||||
{ address = "2001:1470:fffd:2098::e006"; prefixLength = 64; }
|
||||
];
|
||||
type = types.listOf types.optionSet;
|
||||
options = addrOpts 6;
|
||||
description = ''
|
||||
List of IPv6 addresses that will be statically assigned to the interface.
|
||||
'';
|
||||
};
|
||||
|
||||
ipAddress = mkOption {
|
||||
default = null;
|
||||
example = "10.0.0.1";
|
||||
type = types.nullOr (types.str);
|
||||
description = ''
|
||||
IP address of the interface. Leave empty to configure the
|
||||
interface using DHCP.
|
||||
Defunct, create an address in the ip4 list instead.
|
||||
'';
|
||||
};
|
||||
|
||||
prefixLength = mkOption {
|
||||
default = null;
|
||||
example = 24;
|
||||
type = types.nullOr types.int;
|
||||
description = ''
|
||||
Subnet mask of the interface, specified as the number of
|
||||
bits in the prefix (<literal>24</literal>).
|
||||
Defunct, supply the prefix length in the ip4 list instead.
|
||||
'';
|
||||
};
|
||||
|
||||
subnetMask = mkOption {
|
||||
default = "";
|
||||
example = "255.255.255.0";
|
||||
type = types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Subnet mask of the interface, specified as a bitmask.
|
||||
This is deprecated; use <option>prefixLength</option>
|
||||
instead.
|
||||
Defunct, supply the prefix length in the ip4 list instead.
|
||||
'';
|
||||
};
|
||||
|
||||
ipv6Address = mkOption {
|
||||
default = null;
|
||||
example = "2001:1470:fffd:2098::e006";
|
||||
type = types.nullOr types.string;
|
||||
description = ''
|
||||
IPv6 address of the interface. Leave empty to configure the
|
||||
interface using NDP.
|
||||
Defunct, create an address in the ip6 list instead.
|
||||
'';
|
||||
};
|
||||
|
||||
ipv6prefixLength = mkOption {
|
||||
default = 64;
|
||||
example = 64;
|
||||
type = types.int;
|
||||
default = null;
|
||||
description = ''
|
||||
Subnet mask of the interface, specified as the number of
|
||||
bits in the prefix (<literal>64</literal>).
|
||||
Defunct, supply the prefix length in the ip6 list instead.
|
||||
'';
|
||||
};
|
||||
|
||||
|
|
@ -438,6 +468,16 @@ in
|
|||
|
||||
config = {
|
||||
|
||||
assertions =
|
||||
flip map interfaces (i: {
|
||||
assertion = i.ipAddress == null && i.prefixLength == null && i.subnetMask == null;
|
||||
message = "The networking.interfaces.${i.name}.ipAddress option is defunct. Use networking.ip4 instead.";
|
||||
})
|
||||
++ flip map interfaces (i: {
|
||||
assertion = i.ipv6Address == null && i.ipv6prefixLength == null;
|
||||
message = "The networking.interfaces.${i.name}.ipv6Address option is defunct. Use networking.ip6 instead.";
|
||||
});
|
||||
|
||||
boot.kernelModules = [ ]
|
||||
++ optional cfg.enableIPv6 "ipv6"
|
||||
++ optional hasVirtuals "tun"
|
||||
|
|
@ -535,11 +575,6 @@ in
|
|||
# has appeared, and it's stopped when the interface
|
||||
# disappears.
|
||||
configureInterface = i: nameValuePair "${i.name}-cfg"
|
||||
(let mask =
|
||||
if i.prefixLength != null then toString i.prefixLength else
|
||||
if i.subnetMask != "" then i.subnetMask else "32";
|
||||
staticIPv6 = cfg.enableIPv6 && i.ipv6Address != null;
|
||||
in
|
||||
{ description = "Configuration of ${i.name}";
|
||||
wantedBy = [ "network-interfaces.target" ];
|
||||
bindsTo = [ "sys-subsystem-net-devices-${i.name}.device" ];
|
||||
|
|
@ -562,36 +597,32 @@ in
|
|||
echo "setting MTU to ${toString i.mtu}..."
|
||||
ip link set "${i.name}" mtu "${toString i.mtu}"
|
||||
''
|
||||
+ optionalString (i.ipAddress != null)
|
||||
|
||||
# Ip Setup
|
||||
+
|
||||
''
|
||||
cur=$(ip -4 -o a show dev "${i.name}" | awk '{print $4}')
|
||||
# Only do a flush/add if it's necessary. This is
|
||||
curIps=$(ip -o a show dev "${i.name}" | awk '{print $4}')
|
||||
# Only do an add if it's necessary. This is
|
||||
# useful when the Nix store is accessed via this
|
||||
# interface (e.g. in a QEMU VM test).
|
||||
if [ "$cur" != "${i.ipAddress}/${mask}" ]; then
|
||||
echo "configuring interface..."
|
||||
ip -4 addr flush dev "${i.name}"
|
||||
ip -4 addr add "${i.ipAddress}/${mask}" dev "${i.name}"
|
||||
restart_network_setup=true
|
||||
else
|
||||
echo "skipping configuring interface"
|
||||
''
|
||||
+ flip concatMapStrings (i.ip4 ++ optionals cfg.enableIPv6 i.ip6) (ip:
|
||||
let
|
||||
address = "${ip.address}/${toString ip.prefixLength}";
|
||||
in
|
||||
''
|
||||
echo "checking ip ${address}..."
|
||||
if ! echo "$curIps" | grep "${address}" >/dev/null 2>&1; then
|
||||
if out=$(ip addr add "${address}" dev "${i.name}" 2>&1); then
|
||||
echo "added ip ${address}..."
|
||||
restart_network_setup=true
|
||||
elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then
|
||||
echo "failed to add ${address}"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
''
|
||||
+ optionalString (staticIPv6)
|
||||
''
|
||||
# Only do a flush/add if it's necessary. This is
|
||||
# useful when the Nix store is accessed via this
|
||||
# interface (e.g. in a QEMU VM test).
|
||||
if ! ip -6 -o a show dev "${i.name}" | grep "${i.ipv6Address}/${toString i.ipv6prefixLength}"; then
|
||||
echo "configuring interface..."
|
||||
ip -6 addr flush dev "${i.name}"
|
||||
ip -6 addr add "${i.ipv6Address}/${toString i.ipv6prefixLength}" dev "${i.name}"
|
||||
restart_network_setup=true
|
||||
else
|
||||
echo "skipping configuring interface"
|
||||
fi
|
||||
''
|
||||
+ optionalString (i.ipAddress != null || staticIPv6)
|
||||
'')
|
||||
+ optionalString (i.ip4 != [ ] || (cfg.enableIPv6 && i.ip6 != [ ]))
|
||||
''
|
||||
if [ restart_network_setup = true ]; then
|
||||
# Ensure that the default gateway remains set.
|
||||
|
|
@ -608,7 +639,7 @@ in
|
|||
''
|
||||
echo 1 > /proc/sys/net/ipv6/conf/${i.name}/proxy_ndp
|
||||
'';
|
||||
});
|
||||
};
|
||||
|
||||
createTunDevice = i: nameValuePair "${i.name}"
|
||||
{ description = "Virtual Network Interface ${i.name}";
|
||||
|
|
|
|||
Loading…
Reference in a new issue