| Commit message (Collapse) | Author | Age |
| |
|
|
|
|
| |
We don't support Linux kernels older than 4.4 in Nixpkgs.
|
| |
|
|
|
|
| |
Closes https://github.com/NixOS/nixpkgs/pull/93635.
|
|\
| |
| | |
nixos/network: add gre virtual interfaces
|
| |
| |
| |
| |
| | |
Add `networking.greTunnels` option that allows a GRE tunnel to be
configured in NixOS.
|
|/
|
|
|
| |
adds defaultText for options with defaults that use only literals, full config.*
paths, and the cfg shortcut binding.
|
|\ |
|
| |
| |
| |
| |
| | |
until the issues in https://github.com/NixOS/nixpkgs/pull/138978
have been resolved
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
this setting was added in 2016 in commit
bcdd81d9e14d960cf2fc910b622e236728a7fc07
the posibility to preferTempAddress was added to
nixos/network-interface in 2018 in commit
1fec496f384c53df39684035bafb482865d3eff8
preferTempAddress was renamed to tempAddress
in 2020 in commit 2485e6399e1737d9795f836bb057ab0daf719f03
therefore this setting is redundant since nm will use the sysctl option
nixos/network-interfaces: add default to sysctl so that the value for it
is set
networkmanager falls back to it
https://man.archlinux.org/man/NetworkManager.conf.5
|
| |
|
|
|
|
|
|
| |
allows configuration of foo-over-udp decapsulation endpoints. sadly networkd
seems to lack the features necessary to support local and peer address
configuration, so those are only supported when using scripted configuration.
|
|\
| |
| | |
nixos/wakeonlan: switch to systemd.link and to nixos/networking
|
| | |
|
|/ |
|
|
|
|
| |
Fixes a regression from #126289
|
|
|
|
|
| |
This is slightly more verbose and inconvenient, but it forces you
to think about what the wrapper ownership and permissions will be.
|
| |
|
|\ |
|
| | |
|
|/
|
|
| |
This reverts commit 420f89ceb267b461eed5d025b6c3c0e57703cc5c.
|
|
|
|
| |
9378fdf87e0626e8c63a90a378c38444ff54808b
|
| |
|
|\
| |
| | |
nixos/networking: Add a read-only option for the FQDN
|
| |
| |
| |
| |
| | |
This is a convenience option that can be used to quickly obtain the
configured FQDN.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We currently build CONFIG_IPV6=m.
This seems to be not really well-supported in mainline kernels - see
https://lore.kernel.org/netdev/20201115224509.2020651-1-flokli@flokli.de/T/#u
Compiling it as a module doesn't give too much benefit - even for people
who did explicitly set `enableIPv6` to false, the `ipv6` module was
still loaded, as soon as another module was loaded that requires it
(bridge,br_netfilter,wireguard,ip6table_mangle,sctp,…).
By compiling it in, we only loose the possibility to not add it to
`boot.kernelModules` anymore (as it's part of the kernel directly). The
space savings are negligible.
People wanting to disable IPv6 still get the appropriate sysctls and
options set (while having the kernel code loaded), nothing is really
changing here.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since #76542 this workaround is required to use a FQDN as hostname. See
#94011 and #94022 for the related discussion. Due to some
potential/unresolved issues (legacy software, backward compatibility,
etc.) we're documenting this workaround [0].
[0]: https://github.com/NixOS/nixpkgs/issues/94011#issuecomment-705952300
|
|/
|
|
|
|
|
|
|
|
| |
The special-use domain "home.arpa." is designated for non-unique use in
residential home networks [0] and registered as such [1]. Therefore it
is more appropriate than "home." which could cause conflicts or result
in queries that leak out and reach the root name servers.
[0]: https://tools.ietf.org/html/rfc8375
[1]: https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit fb6d63f3fdd95a5468d43a0693c8ca7c1894363f.
I really hope this finally fixes #99236: evaluation on Hydra.
This time I really did check basically the same commit on Hydra:
https://hydra.nixos.org/eval/1618011
Right now I don't have energy to find what exactly is wrong in the
commit, and it doesn't seem important in comparison to nixos-unstable
channel being stuck on a commit over one week old.
|
|
|
|
|
|
|
|
|
| |
Conform to RFC 1123 [0], specifically to "2.1 Host Names and Numbers",
which allow starting host name with alphanumerical instead of alphabetical characters.
RFC 1123 updates RFC 952 [1], which is referenced in "man 5 hosts".
[0]: https://tools.ietf.org/html/rfc1123
[1]: https://tools.ietf.org/html/rfc952
|
| |
|
|\
| |
| | |
treewide: completely remove types.loaOf
|
| | |
|
|/
|
|
|
|
|
|
|
|
| |
rfkill was subsumed by util-linux in 2017 [1], and the upstream has not
been updated in over 5 years [2]. This package shadows the rfkill from
util-linux, so it can be completely removed with no breaking changes,
because util-linux is in the base package set in nixos/system-path.
[1] https://github.com/karelzak/util-linux/commit/d17fb726b562a69e8f174d46fa6cf794abc129cd
[2] https://git.sipsolutions.net/rfkill.git/log/
|
|
|
| |
Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
| |
This fixes a regression from 993baa587c4 which requires
networking.hostName to be a valid DNS label [0].
Unfortunately we missed the fact that the hostnames may also be empty,
if the user wants to obtain it from a DHCP server. This is even required
by a few modules/images (e.g. Amazon EC2, Azure, and Google Compute).
[0]: https://github.com/NixOS/nixpkgs/pull/76542#issuecomment-638138666
|
|\
| |
| | |
tasks/network-interfaces.nix: Enable ip_forwarding for ipv4 and p…
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The `networking.interfaces.<name?>.proxyARP` option previously mentioned it would also enable IPv6 forwarding and `proxy_ndp`.
However, the `proxy_ndp` option was never actually set (the non-existing `net.ipv6.conf.proxy_arp` sysctl was set
instead). In addition `proxy_ndp` also needs individual entries for each ip to proxy for.
Proxy ARP and Proxy NDP are two different concepts, and enabling the latter
should be a conscious decision.
This commit removes the broken NDP support, and disables explicitly
enabling IPv6 forwarding (which is the default in most cases anyways)
Fixes #62339.
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
This also means that the hostname must not contain the domain name part
anymore (i.e. must not be a FQDN).
See RFC 1035 [0], "man 5 hostname", or the kernel documentation [1].
Note: For legacy reasons we also allow underscores inside of the label
but this is not recommended and intentionally left undocumented.
[0]: https://tools.ietf.org/html/rfc1035
[1]: https://www.kernel.org/doc/html/latest/admin-guide/sysctl/kernel.html#domainname-hostname
Co-authored-by: zimbatm <zimbatm@zimbatm.com>
|
|
|
|
|
| |
The unit sets MTU and MAC Address even with networkd enabled, which
isn't necessary anymore, as networkd handles this by itself.
|
|
|
|
|
| |
Setting a MAC Address on a tun interface isn't supported, and invoking
the corresponding command fails.
|
|
|
|
|
| |
make literalExample receive string arguments.
Fix nixos/nixos-homepage#255
|
|\
| |
| | |
openvswitch: better integration with systemd
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Systemd dependencies for scripted mode
were refactored according to analysis in #34586.
networking.vswitches can now be used with systemd-networkd,
although they are not supported by the daemon, a nixos receipe
creates the switch and attached required interfaces (just like
the scripted version).
Vlans and internal interfaces are implemented following the
template format i.e. each interface is
described using an attributeSet (vlan and type at the moment).
If vlan is present, then interface is added to the vswitch with
given tag (access mode). Type internal enabled vswitch to create
interfaces (see openvswitch docs).
Added configuration for configuring supported openFlow version on
the vswitch
This commit is a split from the original PR #35127.
|
|/
|
|
| |
temp addresses
|
|\
| |
| | |
networkd: disallow useDHCP
|
| | |
|
|\ \
| | |
| | | |
mkRemovedOptionModule: assert on removed options
|
| |/
| |
| |
| |
| |
| |
| | |
We don't want to ignore config that can mess up machines. In general
this should always fail evaluation, as you think you are changing
behaviour and don't, which can easily create run-time errors we can
catch early.
|