nixos/network-interfaces: make `preferTempAddr=false` work again

author: rnhmjoj <rnhmjoj@inventati.org> 2019-07-09 08:06:52 +0200
committer: Linus Heckemann <git@sphalerite.org> 2019-07-09 08:08:45 +0200
commit: 1738283e6e53267ed1999daedccfb1a6ca3306b7 (patch)
tree: dee4cfeb4cdeff67efa39fffdb19bb3872181049 /nixos/modules
parent: ab225fc1ab94b5fc8136566d56ec9044b05fcaa0 (diff)
download: nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.tar
nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.tar.gz
nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.tar.bz2
nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.tar.lz
nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.tar.xz
nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.tar.zst
nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.zip
1 files changed, 13 insertions, 3 deletions
diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix
index e14cafa9b12..1a13e386947 100644
--- a/nixos/modules/tasks/network-interfaces.nix
+++ b/nixos/modules/tasks/network-interfaces.nix
@@ -1089,12 +1089,22 @@ in
 
     services.udev.packages =  [
       (pkgs.writeTextFile rec {
-        name = "99-ipv6-privacy-extensions.rules";
-        destination = "/etc/udev/rules.d/99-${name}";
+        name = "ipv6-privacy-extensions.rules";
+        destination = "/etc/udev/rules.d/98-${name}";
         text = ''
+          # enable and prefer IPv6 privacy addresses by default
           ACTION=="add", SUBSYSTEM=="net", RUN+="${pkgs.procps}/bin/sysctl net.ipv6.conf.%k.use_tempaddr=2"
         '';
-      }) ] ++ lib.optional (cfg.wlanInterfaces != {})
+      })
+      (pkgs.writeTextFile rec {
+        name = "ipv6-privacy-extensions.rules";
+        destination = "/etc/udev/rules.d/99-${name}";
+        text = concatMapStrings (i: ''
+          # enable IPv6 privacy addresses but prefer EUI-64 addresses for ${i.name}
+          ACTION=="add", SUBSYSTEM=="net", RUN+="${pkgs.procps}/bin/sysctl net.ipv6.conf.${i.name}.use_tempaddr=1"
+        '') (filter (i: !i.preferTempAddress) interfaces);
+      })
+    ] ++ lib.optional (cfg.wlanInterfaces != {})
       (pkgs.writeTextFile {
         name = "99-zzz-40-wlanInterfaces.rules";
         destination = "/etc/udev/rules.d/99-zzz-40-wlanInterfaces.rules";
author	rnhmjoj <rnhmjoj@inventati.org>	2019-07-09 08:06:52 +0200
committer	Linus Heckemann <git@sphalerite.org>	2019-07-09 08:08:45 +0200
commit	1738283e6e53267ed1999daedccfb1a6ca3306b7 (patch)
tree	dee4cfeb4cdeff67efa39fffdb19bb3872181049 /nixos/modules
parent	ab225fc1ab94b5fc8136566d56ec9044b05fcaa0 (diff)
download	nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.tar nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.tar.gz nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.tar.bz2 nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.tar.lz nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.tar.xz nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.tar.zst nixpkgs-1738283e6e53267ed1999daedccfb1a6ca3306b7.zip