-rw-r--r--nixos/modules/services/networking/dhcpcd.nix18
1 files changed, 17 insertions, 1 deletions
diff --git a/nixos/modules/services/networking/dhcpcd.nix b/nixos/modules/services/networking/dhcpcd.nix
index 866707c3a91..89aa9bdb6b6 100644
--- a/nixos/modules/services/networking/dhcpcd.nix
+++ b/nixos/modules/services/networking/dhcpcd.nix
@@ -6,6 +6,8 @@ let
 
   dhcpcd = if !config.boot.isContainer then pkgs.dhcpcd else pkgs.dhcpcd.override { udev = null; };
 
+  cfg = config.networking.dhcpcd;
+
   # Don't start dhcpcd on explicitly configured interfaces or on
   # interfaces that are part of a bridge, bond or sit device.
   ignoredInterfaces =
@@ -38,7 +40,10 @@ let
       # (Xen) and virbr* and vnet* (libvirt).
       denyinterfaces ${toString ignoredInterfaces} lo peth* vif* tap* tun* virbr* vnet* vboxnet* sit*
 
-      ${config.networking.dhcpcd.extraConfig}
+      # Use the list of allowed interfaces if specified
+      ${optionalString (cfg.allowInterfaces != null) "allowinterfaces ${toString cfg.allowInterfaces}"}
+
+      ${cfg.extraConfig}
     '';
 
   # Hook for emitting ip-up/ip-down events.
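Review bot: The guard on the added `allowinterfaces` line tests only for null, so `allowInterfaces = [ ]` still renders a bare `allowinterfaces ` directive with no pattern. How dhcpcd treats that line is not visible from this hunk, but it may not mean the "no interface allowed" that an empty allowlist suggests, so DHCP could end up running on interfaces the administrator meant to exclude. Consider guarding with `cfg.allowInterfaces != null && cfg.allowInterfaces != [ ]` and adding an assertion or a documented meaning for the empty list. The configuration string this line sits in starts above the hunk.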
@@ -81,6 +86,17 @@ in
       '';
     };
 
+    networking.dhcpcd.allowInterfaces = mkOption {
+      type = types.nullOr (types.listOf types.str);
+      default = null;
+      description = ''
+         Enable the DHCP client for any interface whose name matches
+         any of the shell glob patterns in this list. Any interface not
+         explicitly matched by this pattern will be denied. This pattern only
+         applies when non-null.
+      '';
+    };
+
     networking.dhcpcd.extraConfig = mkOption {
       type = types.lines;
       default = "";
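Review bot: The description of `networking.dhcpcd.allowInterfaces` does not say how the option interacts with the generated `denyinterfaces` line, and the option has no `example`. As far as dhcpcd.conf(5) documents it, an interface matched by `denyinterfaces` stays denied even when it also matches `allowinterfaces`, so listing an explicitly configured, bridged or `tap*` interface here would have no effect. I would add a sentence such as `Interfaces matched by the module's deny list remain denied even if they are listed here.` and an `example = [ "enp*" "eth*" ];`. "This pattern" should also read "this list", since the option takes several patterns. The option set continues past the end of the hunk.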