author | pennae <github@quasiparticle.net> | 2021-08-11 11:02:47 +0200 |
---|---|---|
committer | tomberek <tomberek@users.noreply.github.com> | 2021-10-16 20:48:03 -0400 |
commit | f29ea2d15d833494f7e97e0231b03ca70a8e7db4 (patch) | |
tree | 636d34b80a85598e045fb5e0f190c6330a51efdf /nixos/modules/tasks/network-interfaces-scripted.nix | |
parent | eebfe7199d9e543acea19de4af15a91ab7774e7c (diff) | |
nixos/networking: add foo-over-udp endpoint support
allows configuration of foo-over-udp decapsulation endpoints. sadly networkd seems to lack the features necessary to support local and peer address configuration, so those are only supported when using scripted configuration.
Diffstat (limited to 'nixos/modules/tasks/network-interfaces-scripted.nix')
-rw-r--r-- | nixos/modules/tasks/network-interfaces-scripted.nix | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/nixos/modules/tasks/network-interfaces-scripted.nix b/nixos/modules/tasks/network-interfaces-scripted.nix
index 79624ec7072c..055580e3ea2f 100644
--- a/nixos/modules/tasks/network-interfaces-scripted.nix
+++ b/nixos/modules/tasks/network-interfaces-scripted.nix
@@ -466,6 +466,39 @@ let
 '';
 });
 
+ createFouEncapsulation = n: v: nameValuePair "${n}-fou-encap"
+ (let
+ # if we have a device to bind to we can wait for its addresses to be
+ # configured, otherwise external sequencing is required.
+ deps = optionals (v.local != null && v.local.dev != null)
+ (deviceDependency v.local.dev ++ [ "network-addresses-${v.local.dev}.service" ]);
+ fouSpec = "port ${toString v.port} ${
+ if v.protocol != null then "ipproto ${toString v.protocol}" else "gue"
+ } ${
+ optionalString (v.local != null) "local ${escapeShellArg v.local.address} ${
+ optionalString (v.local.dev != null) "dev ${escapeShellArg v.local.dev}"
+ }"
+ }";
+ in
+ { description = "FOU endpoint ${n}";
+ wantedBy = [ "network-setup.service" (subsystemDevice n) ];
+ bindsTo = deps;
+ partOf = [ "network-setup.service" ];
+ after = [ "network-pre.target" ] ++ deps;
+ before = [ "network-setup.service" ];
+ serviceConfig.Type = "oneshot";
+ serviceConfig.RemainAfterExit = true;
+ path = [ pkgs.iproute2 ];
+ script = ''
+ # always remove previous incarnation since show can't filter
+ ip fou del ${fouSpec} >/dev/null 2>&1 || true
+ ip fou add ${fouSpec}
+ '';
+ postStop = ''
+ ip fou del ${fouSpec} || true
+ '';
+ });
+
 createSitDevice = n: v: nameValuePair "${n}-netdev"
 (let
 deps = deviceDependency v.dev;
@@ -530,6 +563,7 @@ let
 // mapAttrs' createVswitchDevice cfg.vswitches
 // mapAttrs' createBondDevice cfg.bonds
 // mapAttrs' createMacvlanDevice cfg.macvlans
+ // mapAttrs' createFouEncapsulation cfg.fooOverUDP
 // mapAttrs' createSitDevice cfg.sits
 // mapAttrs' createVlanDevice cfg.vlans
 // { |
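Review bot: When `v.local` is null, `fouSpec` carries no `local` clause, so `ip fou add` opens the decapsulation port on every local address, and nothing in the unit says so. FOU and GUE carry no authentication, so any host that can reach the UDP port can hand encapsulated packets to the kernel; that is worth a comment above `fouSpec`, for example `# no "local" clause: the endpoint listens on all addresses, restrict the port in the firewall`. `toString v.port` and `toString v.protocol` go into the script unquoted while the address and device are passed through `escapeShellArg`, which is safe only if the option types (declared outside this hunk) are integers. The enclosing `let` block starts and ends outside the hunk.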