diff options
| author | William A. Kennington III <william@wkennington.com> | 2014-07-04 14:57:19 -0500 |
|---|---|---|
| committer | William A. Kennington III <william@wkennington.com> | 2014-08-30 07:33:38 -0700 |
| commit | 098c8f4c77b1ed9ea28b5aabadde24b17df8d568 (patch) | |
| tree | 1b452d92b78e05704ade92059c4d4309b35471ae | |
| parent | 4280305a41a8054d6669f0229cf1d88f2867c36e (diff) | |
| download | nixpkgs-098c8f4c77b1ed9ea28b5aabadde24b17df8d568.tar nixpkgs-098c8f4c77b1ed9ea28b5aabadde24b17df8d568.tar.gz nixpkgs-098c8f4c77b1ed9ea28b5aabadde24b17df8d568.tar.bz2 nixpkgs-098c8f4c77b1ed9ea28b5aabadde24b17df8d568.tar.lz nixpkgs-098c8f4c77b1ed9ea28b5aabadde24b17df8d568.tar.xz nixpkgs-098c8f4c77b1ed9ea28b5aabadde24b17df8d568.tar.zst nixpkgs-098c8f4c77b1ed9ea28b5aabadde24b17df8d568.zip | |
nixos/network-interfaces: Add support for multiple ipv4 / ipv6 addresses
| -rw-r--r-- | nixos/modules/services/networking/dhcpcd.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/tasks/network-interfaces.nix | 137 |
2 files changed, 85 insertions, 54 deletions
diff --git a/nixos/modules/services/networking/dhcpcd.nix b/nixos/modules/services/networking/dhcpcd.nix index 89aa9bdb6b6..65b4319b50a 100644 --- a/nixos/modules/services/networking/dhcpcd.nix +++ b/nixos/modules/services/networking/dhcpcd.nix @@ -11,7 +11,7 @@ let # Don't start dhcpcd on explicitly configured interfaces or on # interfaces that are part of a bridge, bond or sit device. ignoredInterfaces = - map (i: i.name) (filter (i: i.ipAddress != null) (attrValues config.networking.interfaces)) + map (i: i.name) (filter (i: i.ip4 != [ ]) (attrValues config.networking.interfaces)) ++ mapAttrsToList (i: _: i) config.networking.sits ++ concatLists (attrValues (mapAttrs (n: v: v.interfaces) config.networking.bridges)) ++ concatLists (attrValues (mapAttrs (n: v: v.interfaces) config.networking.bonds)) diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix index 7dabe70f00c..30e2a143419 100644 --- a/nixos/modules/tasks/network-interfaces.nix +++ b/nixos/modules/tasks/network-interfaces.nix @@ -10,6 +10,26 @@ let hasSits = cfg.sits != { }; hasBonds = cfg.bonds != { }; + addrOpts = v: + assert v == 4 || v == 6; + { + address = mkOption { + type = types.str; + description = '' + IPv${toString v} address of the interface. Leave empty to configure the + interface using DHCP. + ''; + }; + + prefixLength = mkOption { + type = types.addCheck types.int (n: n >= 0 && n <= (if v == 4 then 32 else 128)); + description = '' + Subnet mask of the interface, specified as the number of + bits in the prefix (<literal>${if v == 4 then "24" else "64"}</literal>). + ''; + }; + }; + interfaceOpts = { name, ... }: { options = { @@ -20,54 +40,64 @@ let description = "Name of the interface."; }; + ip4 = mkOption { + default = [ ]; + example = [ + { address = "10.0.0.1"; prefixLength = 16; } + { address = "192.168.1.1"; prefixLength = 24; } + ]; + type = types.listOf types.optionSet; + options = addrOpts 4; + description = '' + List of IPv4 addresses that will be statically assigned to the interface. + ''; + }; + + ip6 = mkOption { + default = [ ]; + example = [ + { address = "fdfd:b3f0:482::1"; prefixLength = 48; } + { address = "2001:1470:fffd:2098::e006"; prefixLength = 64; } + ]; + type = types.listOf types.optionSet; + options = addrOpts 6; + description = '' + List of IPv6 addresses that will be statically assigned to the interface. + ''; + }; + ipAddress = mkOption { default = null; - example = "10.0.0.1"; - type = types.nullOr (types.str); description = '' - IP address of the interface. Leave empty to configure the - interface using DHCP. + Defunct, create an address in the ip4 list instead. ''; }; prefixLength = mkOption { default = null; - example = 24; - type = types.nullOr types.int; description = '' - Subnet mask of the interface, specified as the number of - bits in the prefix (<literal>24</literal>). + Defunct, supply the prefix length in the ip4 list instead. ''; }; subnetMask = mkOption { - default = ""; - example = "255.255.255.0"; - type = types.str; + default = null; description = '' - Subnet mask of the interface, specified as a bitmask. - This is deprecated; use <option>prefixLength</option> - instead. + Defunct, supply the prefix length in the ip4 list instead. ''; }; ipv6Address = mkOption { default = null; - example = "2001:1470:fffd:2098::e006"; - type = types.nullOr types.string; description = '' - IPv6 address of the interface. Leave empty to configure the - interface using NDP. + Defunct, create an address in the ip6 list instead. ''; }; ipv6prefixLength = mkOption { - default = 64; - example = 64; - type = types.int; + default = null; description = '' - Subnet mask of the interface, specified as the number of - bits in the prefix (<literal>64</literal>). + Defunct, supply the prefix length in the ip6 list instead. ''; }; @@ -438,6 +468,16 @@ in config = { + assertions = + flip map interfaces (i: { + assertion = i.ipAddress == null && i.prefixLength == null && i.subnetMask == null; + message = "The networking.interfaces.${i.name}.ipAddress option is defunct. Use networking.ip4 instead."; + }) + ++ flip map interfaces (i: { + assertion = i.ipv6Address == null && i.ipv6prefixLength == null; + message = "The networking.interfaces.${i.name}.ipv6Address option is defunct. Use networking.ip6 instead."; + }); + boot.kernelModules = [ ] ++ optional cfg.enableIPv6 "ipv6" ++ optional hasVirtuals "tun" @@ -535,11 +575,6 @@ in # has appeared, and it's stopped when the interface # disappears. configureInterface = i: nameValuePair "${i.name}-cfg" - (let mask = - if i.prefixLength != null then toString i.prefixLength else - if i.subnetMask != "" then i.subnetMask else "32"; - staticIPv6 = cfg.enableIPv6 && i.ipv6Address != null; - in { description = "Configuration of ${i.name}"; wantedBy = [ "network-interfaces.target" ]; bindsTo = [ "sys-subsystem-net-devices-${i.name}.device" ]; @@ -562,36 +597,32 @@ in echo "setting MTU to ${toString i.mtu}..." ip link set "${i.name}" mtu "${toString i.mtu}" '' - + optionalString (i.ipAddress != null) + + # Ip Setup + + '' - cur=$(ip -4 -o a show dev "${i.name}" | awk '{print $4}') - # Only do a flush/add if it's necessary. This is + curIps=$(ip -o a show dev "${i.name}" | awk '{print $4}') + # Only do an add if it's necessary. This is # useful when the Nix store is accessed via this # interface (e.g. in a QEMU VM test). - if [ "$cur" != "${i.ipAddress}/${mask}" ]; then - echo "configuring interface..." - ip -4 addr flush dev "${i.name}" - ip -4 addr add "${i.ipAddress}/${mask}" dev "${i.name}" - restart_network_setup=true - else - echo "skipping configuring interface" - fi '' - + optionalString (staticIPv6) + + flip concatMapStrings (i.ip4 ++ optionals cfg.enableIPv6 i.ip6) (ip: + let + address = "${ip.address}/${toString ip.prefixLength}"; + in '' - # Only do a flush/add if it's necessary. This is - # useful when the Nix store is accessed via this - # interface (e.g. in a QEMU VM test). - if ! ip -6 -o a show dev "${i.name}" | grep "${i.ipv6Address}/${toString i.ipv6prefixLength}"; then - echo "configuring interface..." - ip -6 addr flush dev "${i.name}" - ip -6 addr add "${i.ipv6Address}/${toString i.ipv6prefixLength}" dev "${i.name}" - restart_network_setup=true - else - echo "skipping configuring interface" + echo "checking ip ${address}..." + if ! echo "$curIps" | grep "${address}" >/dev/null 2>&1; then + if out=$(ip addr add "${address}" dev "${i.name}" 2>&1); then + echo "added ip ${address}..." + restart_network_setup=true + elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then + echo "failed to add ${address}" + exit 1 + fi fi - '' - + optionalString (i.ipAddress != null || staticIPv6) + '') + + optionalString (i.ip4 != [ ] || (cfg.enableIPv6 && i.ip6 != [ ])) '' if [ restart_network_setup = true ]; then # Ensure that the default gateway remains set. @@ -608,7 +639,7 @@ in '' echo 1 > /proc/sys/net/ipv6/conf/${i.name}/proxy_ndp ''; - }); + }; createTunDevice = i: nameValuePair "${i.name}" { description = "Virtual Network Interface ${i.name}"; |