summary refs log tree commit diff
path: root/nixos/modules/tasks/network-interfaces.nix
Commit message (Collapse)AuthorAge
* networking.greTunnels: support ip6gre*jpathy2022-03-17
|
* treewide: remove obsolete kernel version checksAlyssa Ross2022-02-19
| | | | We don't support Linux kernels older than 4.4 in Nixpkgs.
* nixos/networking: Typo fixJade2022-02-04
|
* nixos/networkd: Add routes from interfaces to [Route] section of .network fileLuflosi2022-01-20
| | | | Closes https://github.com/NixOS/nixpkgs/pull/93635.
* Merge pull request #148637 from hexagonal-sun/network/gre-tap-tunGuillaume Girol2022-01-01
|\ | | | | nixos/network: add gre virtual interfaces
| * nixos/networking: add options for configuring a GRE tunnelMatthew Leach2021-12-07
| | | | | | | | | | Add `networking.greTunnels` option that allows a GRE tunnel to be configured in NixOS.
* | treewide: add defaultText for options with simple cfg.* expression defaultspennae2021-12-09
|/ | | | | adds defaultText for options with defaults that use only literals, full config.* paths, and the cfg shortcut binding.
* Merge pull request #146709 from Artturin/underscorenameArtturi2021-11-21
|\
| * nixos/network-interfaces: add a warning for underscores in hostnameArtturin2021-11-21
| | | | | | | | | | until the issues in https://github.com/NixOS/nixpkgs/pull/138978 have been resolved
* | nixos/networkmanager: remove redundant ipv6.ip6-privacyArtturin2021-11-19
|/ | | | | | | | | | | | | | | | | | | | this setting was added in 2016 in commit bcdd81d9e14d960cf2fc910b622e236728a7fc07 the posibility to preferTempAddress was added to nixos/network-interface in 2018 in commit 1fec496f384c53df39684035bafb482865d3eff8 preferTempAddress was renamed to tempAddress in 2020 in commit 2485e6399e1737d9795f836bb057ab0daf719f03 therefore this setting is redundant since nm will use the sysctl option nixos/network-interfaces: add default to sysctl so that the value for it is set networkmanager falls back to it https://man.archlinux.org/man/NetworkManager.conf.5
* nixos/networking: support FOU encapsulation for sitspennae2021-10-16
|
* nixos/networking: add foo-over-udp endpoint supportpennae2021-10-16
| | | | | | allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
* Merge pull request #140779 from legendofmiracles/wolMichele Guerini Rocco2021-10-09
|\ | | | | nixos/wakeonlan: switch to systemd.link and to nixos/networking
| * nixos/networking: add the wakeonlan optionlegendofmiracles2021-10-07
| |
* | nixos/doc: clean up defaults and examplesNaïm Favier2021-10-04
|/
* Provide submodule to `security.wrappers` for older kernelsSamuel Dionne-Riel2021-09-29
| | | | Fixes a regression from #126289
* nixos: explicitely set security.wrappers ownershiprnhmjoj2021-09-13
| | | | | This is slightly more verbose and inconvenient, but it forces you to think about what the wrapper ownership and permissions will be.
* nixos/network-interfaces: Fix wlan interface macJohn Whitman2021-09-01
|
* Merge master into staging-nextgithub-actions[bot]2021-05-07
|\
| * nixos/network: allow configuring tempaddr for undeclared interfacesLinus Heckemann2021-04-27
| |
* | Revert "Revert "apparmor: fix and improve the service""Julien Moutinho2021-04-23
|/ | | | This reverts commit 420f89ceb267b461eed5d025b6c3c0e57703cc5c.
* treewide: fix eval without aliases after ↵ajs1242021-04-08
| | | | 9378fdf87e0626e8c63a90a378c38444ff54808b
* iproute: deprecate aliasSandro Jäckel2021-04-04
|
* Merge pull request #100155 from primeos/nixos-add-fqdn-optionFlorian Klink2021-01-25
|\ | | | | nixos/networking: Add a read-only option for the FQDN
| * nixos/networking: Add a read-only option for the FQDNMichael Weiss2020-10-12
| | | | | | | | | | This is a convenience option that can be used to quickly obtain the configured FQDN.
* | nixos/network-interfaces: fix typo in udev rule syntaxJulien Moutinho2020-11-24
| |
* | kernel config: explicitly enable CONFIG_IPV6Florian Klink2020-11-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We currently build CONFIG_IPV6=m. This seems to be not really well-supported in mainline kernels - see https://lore.kernel.org/netdev/20201115224509.2020651-1-flokli@flokli.de/T/#u Compiling it as a module doesn't give too much benefit - even for people who did explicitly set `enableIPv6` to false, the `ipv6` module was still loaded, as soon as another module was loaded that requires it (bridge,br_netfilter,wireguard,ip6table_mangle,sctp,…). By compiling it in, we only loose the possibility to not add it to `boot.kernelModules` anymore (as it's part of the kernel directly). The space savings are negligible. People wanting to disable IPv6 still get the appropriate sysctls and options set (while having the kernel code loaded), nothing is really changing here.
* | doc: Document a workaround for using an FQDN as hostnameMichael Weiss2020-10-10
| | | | | | | | | | | | | | | | | | Since #76542 this workaround is required to use a FQDN as hostname. See #94011 and #94022 for the related discussion. Due to some potential/unresolved issues (legacy software, backward compatibility, etc.) we're documenting this workaround [0]. [0]: https://github.com/NixOS/nixpkgs/issues/94011#issuecomment-705952300
* | nixos/networking: Switch to home.arpa as an example for the domainMichael Weiss2020-10-10
|/ | | | | | | | | | The special-use domain "home.arpa." is designated for non-unique use in residential home networks [0] and registered as such [1]. Therefore it is more appropriate than "home." which could cause conflicts or result in queries that leak out and reach the root name servers. [0]: https://tools.ietf.org/html/rfc8375 [1]: https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
* Revert "apparmor: fix and improve the service"Vladimír Čunát2020-10-07
| | | | | | | | | | | | This reverts commit fb6d63f3fdd95a5468d43a0693c8ca7c1894363f. I really hope this finally fixes #99236: evaluation on Hydra. This time I really did check basically the same commit on Hydra: https://hydra.nixos.org/eval/1618011 Right now I don't have energy to find what exactly is wrong in the commit, and it doesn't seem important in comparison to nixos-unstable channel being stuck on a commit over one week old.
* nixos: Conform with RFC 1123 in networking.hostName0x4A6F2020-10-01
| | | | | | | | | Conform to RFC 1123 [0], specifically to "2.1 Host Names and Numbers", which allow starting host name with alphanumerical instead of alphabetical characters. RFC 1123 updates RFC 952 [1], which is referenced in "man 5 hosts". [0]: https://tools.ietf.org/html/rfc1123 [1]: https://tools.ietf.org/html/rfc952
* apparmor: fix and improve the serviceJulien Moutinho2020-09-06
|
* Merge pull request #96042 from rnhmjoj/loaOfWORLDofPEACE2020-09-02
|\ | | | | treewide: completely remove types.loaOf
| * treewide: completely remove types.loaOfrnhmjoj2020-09-02
| |
* | rfkill: removeV2020-08-24
|/ | | | | | | | | | rfkill was subsumed by util-linux in 2017 [1], and the upstream has not been updated in over 5 years [2]. This package shadows the rfkill from util-linux, so it can be completely removed with no breaking changes, because util-linux is in the base package set in nixos/system-path. [1] https://github.com/karelzak/util-linux/commit/d17fb726b562a69e8f174d46fa6cf794abc129cd [2] https://git.sipsolutions.net/rfkill.git/log/
* nixos/networking: Enhance hostId description (#94800)asdf8dfafjk2020-08-08
| | | Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
* nixos: Allow empty hostnames againMichael Weiss2020-06-03
| | | | | | | | | | This fixes a regression from 993baa587c4 which requires networking.hostName to be a valid DNS label [0]. Unfortunately we missed the fact that the hostnames may also be empty, if the user wants to obtain it from a DHCP server. This is even required by a few modules/images (e.g. Amazon EC2, Azure, and Google Compute). [0]: https://github.com/NixOS/nixpkgs/pull/76542#issuecomment-638138666
* Merge pull request #62671 from kfiz/networking-proxy_arp-fixFlorian Klink2020-05-31
|\ | | | | tasks/network-interfaces.nix: Enable ip_forwarding for ipv4 and p…
| * networking-interfaces.nix: remove broken NDP bits from proxyARPDoro Rose2020-05-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `networking.interfaces.<name?>.proxyARP` option previously mentioned it would also enable IPv6 forwarding and `proxy_ndp`. However, the `proxy_ndp` option was never actually set (the non-existing `net.ipv6.conf.proxy_arp` sysctl was set instead). In addition `proxy_ndp` also needs individual entries for each ip to proxy for. Proxy ARP and Proxy NDP are two different concepts, and enabling the latter should be a conscious decision. This commit removes the broken NDP support, and disables explicitly enabling IPv6 forwarding (which is the default in most cases anyways) Fixes #62339.
* | nixos: Require networking.hostName to be a valid DNS labelMichael Weiss2020-05-25
|/ | | | | | | | | | | | | This also means that the hostname must not contain the domain name part anymore (i.e. must not be a FQDN). See RFC 1035 [0], "man 5 hostname", or the kernel documentation [1]. Note: For legacy reasons we also allow underscores inside of the label but this is not recommended and intentionally left undocumented. [0]: https://tools.ietf.org/html/rfc1035 [1]: https://www.kernel.org/doc/html/latest/admin-guide/sysctl/kernel.html#domainname-hostname Co-authored-by: zimbatm <zimbatm@zimbatm.com>
* nixos/networking: move network-link-${i.name} to scripted networkingFlorian Klink2020-04-13
| | | | | The unit sets MTU and MAC Address even with networkd enabled, which isn't necessary anymore, as networkd handles this by itself.
* nixos/networking: add assertion catching setting mac addresses on tun devicesFlorian Klink2020-04-13
| | | | | Setting a MAC Address on a tun interface isn't supported, and invoking the corresponding command fails.
* nixos/network-interfaces: fix examples typesDavid Costa2020-03-29
| | | | | make literalExample receive string arguments. Fix nixos/nixos-homepage#255
* Merge pull request #53033 from netixx/openvswitch-improved-systemdJörg Thalheim2020-02-21
|\ | | | | openvswitch: better integration with systemd
| * openvswitch: better integration with systemdNetix (Espinet François)2019-12-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
* | nixos/networking-interfaces: change preferTempAddress to allow disabling ↵rnhmjoj2020-02-01
|/ | | | temp addresses
* Merge pull request #69302 from mayflower/networkd-disallow-dhcpLinus Heckemann2019-10-07
|\ | | | | networkd: disallow useDHCP
| * networking.useDHCP: add release notes and docsRobin Gloster2019-09-24
| |
* | mkRemovedOptionModule: assert on removed options (#69419)Silvan Mosberger2019-09-30
|\ \ | | | | | | mkRemovedOptionModule: assert on removed options
| * | mkRemovedOptionModule: assert on removed optionsRobin Gloster2019-09-30
| |/ | | | | | | | | | | | | We don't want to ignore config that can mess up machines. In general this should always fail evaluation, as you think you are changing behaviour and don't, which can easily create run-time errors we can catch early.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-21 14:15:38 +0000