summary refs log tree commit diff
path: root/nixos
diff options
context:
space:
mode:
authorRobin Gloster <mail@glob.in>2019-09-23 16:37:58 +0200
committerRobin Gloster <mail@glob.in>2019-09-24 10:20:16 +0200
commitc26c6241eae93985c33590401fda971d7574c136 (patch)
tree1f8817c8c1420940050eb0cff117ff6595eb985c /nixos
parent5426932f7c664a8765d6904af20ef21310e95d4f (diff)
downloadnixpkgs-c26c6241eae93985c33590401fda971d7574c136.tar
nixpkgs-c26c6241eae93985c33590401fda971d7574c136.tar.gz
nixpkgs-c26c6241eae93985c33590401fda971d7574c136.tar.bz2
nixpkgs-c26c6241eae93985c33590401fda971d7574c136.tar.lz
nixpkgs-c26c6241eae93985c33590401fda971d7574c136.tar.xz
nixpkgs-c26c6241eae93985c33590401fda971d7574c136.tar.zst
nixpkgs-c26c6241eae93985c33590401fda971d7574c136.zip
networking.useDHCP: disallow for networkd
This setting will be removed with the switch to systemd-networkd. The
use of per interface config is encouraged instead.
Diffstat (limited to 'nixos')
-rw-r--r--nixos/modules/tasks/network-interfaces-systemd.nix12
-rw-r--r--nixos/tests/networking.nix23
-rw-r--r--nixos/tests/predictable-interface-names.nix1
-rw-r--r--nixos/tests/systemd-networkd-wireguard.nix1
4 files changed, 28 insertions, 9 deletions
diff --git a/nixos/modules/tasks/network-interfaces-systemd.nix b/nixos/modules/tasks/network-interfaces-systemd.nix
index 34e27066715..605d00de58f 100644
--- a/nixos/modules/tasks/network-interfaces-systemd.nix
+++ b/nixos/modules/tasks/network-interfaces-systemd.nix
@@ -38,6 +38,12 @@ in
     } {
       assertion = cfg.defaultGateway6 == null || cfg.defaultGateway6.interface == null;
       message = "networking.defaultGateway6.interface is not supported by networkd.";
+    } {
+      assertion = cfg.useDHCP == false;
+      message = ''
+        networking.useDHCP is not supported by networkd.
+        Please use per interface configuration and set the global option to false.
+      '';
     } ] ++ flip mapAttrsToList cfg.bridges (n: { rstp, ... }: {
       assertion = !rstp;
       message = "networking.bridges.${n}.rstp is not supported by networkd.";
@@ -56,9 +62,7 @@ in
         genericNetwork = override:
           let gateway = optional (cfg.defaultGateway != null) cfg.defaultGateway.address
             ++ optional (cfg.defaultGateway6 != null) cfg.defaultGateway6.address;
-          in {
-            DHCP = override (dhcpStr cfg.useDHCP);
-          } // optionalAttrs (gateway != [ ]) {
+          in optionalAttrs (gateway != [ ]) {
             routes = override [
               {
                 routeConfig = {
@@ -97,7 +101,7 @@ in
         networks."40-${i.name}" = mkMerge [ (genericNetwork mkDefault) {
           name = mkDefault i.name;
           DHCP = mkForce (dhcpStr
-            (if i.useDHCP != null then i.useDHCP else cfg.useDHCP && interfaceIps i == [ ]));
+            (if i.useDHCP != null then i.useDHCP else false));
           address = forEach (interfaceIps i)
             (ip: "${ip.address}/${toString ip.prefixLength}");
           networkConfig.IPv6PrivacyExtensions = "kernel";
diff --git a/nixos/tests/networking.nix b/nixos/tests/networking.nix
index 7452768033a..f12a5fc9ae5 100644
--- a/nixos/tests/networking.nix
+++ b/nixos/tests/networking.nix
@@ -72,6 +72,7 @@ let
   testCases = {
     loopback = {
       name = "Loopback";
+      machine.networking.useDHCP = false;
       machine.networking.useNetworkd = networkd;
       testScript = ''
         startAll;
@@ -139,14 +140,16 @@ let
         virtualisation.vlans = [ 1 2 ];
         networking = {
           useNetworkd = networkd;
-          useDHCP = true;
+          useDHCP = false;
           interfaces.eth1 = {
             ipv4.addresses = mkOverride 0 [ ];
             ipv6.addresses = mkOverride 0 [ ];
+            useDHCP = true;
           };
           interfaces.eth2 = {
             ipv4.addresses = mkOverride 0 [ ];
             ipv6.addresses = mkOverride 0 [ ];
+            useDHCP = true;
           };
         };
       };
@@ -320,13 +323,19 @@ let
         virtualisation.vlans = [ 1 ];
         networking = {
           useNetworkd = networkd;
+          useDHCP = false;
           firewall.logReversePathDrops = true; # to debug firewall rules
           # reverse path filtering rules for the macvlan interface seem
           # to be incorrect, causing the test to fail. Disable temporarily.
           firewall.checkReversePath = false;
-          useDHCP = true;
           macvlans.macvlan.interface = "eth1";
-          interfaces.eth1.ipv4.addresses = mkOverride 0 [ ];
+          interfaces.eth1 = {
+            ipv4.addresses = mkOverride 0 [ ];
+            useDHCP = true;
+          };
+          interfaces.macvlan = {
+            useDHCP = true;
+          };
         };
       };
       testScript = { ... }:
@@ -440,6 +449,7 @@ let
     virtual = {
       name = "Virtual";
       machine = {
+        networking.useNetworkd = networkd;
         networking.interfaces.tap0 = {
           ipv4.addresses = [ { address = "192.168.1.1"; prefixLength = 24; } ];
           ipv6.addresses = [ { address = "2001:1470:fffd:2096::"; prefixLength = 64; } ];
@@ -489,6 +499,7 @@ let
         boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = true;
         networking = {
           useNetworkd = networkd;
+          useDHCP = false;
           interfaces.eth1.ipv6.addresses = singleton {
             address = "fd00:1234:5678:1::1";
             prefixLength = 64;
@@ -514,11 +525,12 @@ let
         virtualisation.vlans = [ 1 ];
         networking = {
           useNetworkd = networkd;
-          useDHCP = true;
+          useDHCP = false;
           interfaces.eth1 = {
             preferTempAddress = true;
             ipv4.addresses = mkOverride 0 [ ];
             ipv6.addresses = mkOverride 0 [ ];
+            useDHCP = true;
           };
         };
       };
@@ -526,11 +538,12 @@ let
         virtualisation.vlans = [ 1 ];
         networking = {
           useNetworkd = networkd;
-          useDHCP = true;
+          useDHCP = false;
           interfaces.eth1 = {
             preferTempAddress = false;
             ipv4.addresses = mkOverride 0 [ ];
             ipv6.addresses = mkOverride 0 [ ];
+            useDHCP = true;
           };
         };
       };
diff --git a/nixos/tests/predictable-interface-names.nix b/nixos/tests/predictable-interface-names.nix
index 85047f66f23..194b4dafa77 100644
--- a/nixos/tests/predictable-interface-names.nix
+++ b/nixos/tests/predictable-interface-names.nix
@@ -16,6 +16,7 @@ in pkgs.lib.listToAttrs (pkgs.lib.crossLists (predictable: withNetworkd: {
       networking.usePredictableInterfaceNames = lib.mkForce predictable;
       networking.useNetworkd = withNetworkd;
       networking.dhcpcd.enable = !withNetworkd;
+      networking.useDHCP = !withNetworkd;
     };
 
     testScript = ''
diff --git a/nixos/tests/systemd-networkd-wireguard.nix b/nixos/tests/systemd-networkd-wireguard.nix
index f1ce1e791ce..aa0ac54e796 100644
--- a/nixos/tests/systemd-networkd-wireguard.nix
+++ b/nixos/tests/systemd-networkd-wireguard.nix
@@ -2,6 +2,7 @@ let generateNodeConf = { lib, pkgs, config, privkpath, pubk, peerId, nodeId, ...
       imports = [ common/user-account.nix ];
       systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
       networking.useNetworkd = true;
+      networking.useDHCP = false;
       networking.firewall.enable = false;
       virtualisation.vlans = [ 1 ];
       environment.systemPackages = with pkgs; [ wireguard-tools ];
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-16 06:43:33 +0000