authorMichael Raskin <7c6f434c@mail.ru>2014-09-03 11:25:28 +0400
committerMichael Raskin <7c6f434c@mail.ru>2014-09-03 11:25:28 +0400
commitc3e758836791bae92a89a27c0066f09d3aadd811 (patch)
treec16c3a06d26ccf348181a435967a5f46ede572d0 /nixos
parentdf3061295e6a48920400936917e60755fc5d4769 (diff)
parentef92afe0da4ad622026c07a768f0b9e8b29447c9 (diff)
Merge pull request #3747 from wkennington/master.explicit
nixos/network-interfaces: Allow explicit virtual interface type setting
Diffstat (limited to 'nixos')
-rw-r--r--nixos/modules/tasks/network-interfaces.nix67
1 files changed, 40 insertions, 27 deletions
diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix
index 2adb4bcfabab..ca7a5ab77add 100644
--- a/nixos/modules/tasks/network-interfaces.nix
+++ b/nixos/modules/tasks/network-interfaces.nix
@@ -138,8 +138,6 @@ let
           Whether this interface is virtual and should be created by tunctl.
           This is mainly useful for creating bridges between a host a virtual
           network such as VPN or a virtual machine.
-
-          Defaults to tap device, unless interface contains "tun" in its name.
         '';
       };
 
@@ -151,6 +149,15 @@ let
         '';
       };
 
+      virtualType = mkOption {
+        default = null;
+        type = types.nullOr (types.addCheck types.str (v: v == "tun" || v == "tap"));
+        description = ''
+          The explicit type of interface to create. Accepts tun or tap strings.
+          Also accepts null to implicitly detect the type of device.
+        '';
+      };
+
       proxyARP = mkOption {
         default = false;
         type = types.bool;
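Review bot: The `virtualType` check is hand-rolled as `types.addCheck types.str (v: v == "tun" || v == "tap")`, so a typo produces a generic string-type error. `type = types.nullOr (types.enum [ "tun" "tap" ]);` states the allowed set directly and names it in the error message. The description also promises that null will "implicitly detect" the type, but the createTunDevice hunk simply omits `mode` in that case. The text should state what `ip tuntap add` does without a mode (it may default or refuse; worth confirming) rather than promise detection.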
@@ -673,22 +680,28 @@ in
                 '');
           };
 
-        createTunDevice = i: nameValuePair "${i.name}"
+        createTunDevice = i: nameValuePair "${i.name}-netdev"
           { description = "Virtual Network Interface ${i.name}";
             requires = [ "dev-net-tun.device" ];
             after = [ "dev-net-tun.device" ];
-            wantedBy = [ "network.target" ];
-            requiredBy = [ "sys-subsystem-net-devices-${i.name}.device" ];
-            serviceConfig =
-              { Type = "oneshot";
-                RemainAfterExit = true;
-                ExecStart = "${pkgs.tunctl}/bin/tunctl -t '${i.name}' -u '${i.virtualOwner}'";
-                ExecStop = "${pkgs.tunctl}/bin/tunctl -d '${i.name}'";
-              };
+            wantedBy = [ "network.target" "sys-subsystem-net-devices-${i.name}.device" ];
+            path = [ pkgs.iproute ];
+            serviceConfig = {
+              Type = "oneshot";
+              RemainAfterExit = true;
+            };
+            script = ''
+              ip tuntap add dev "${i.name}" \
+              ${optionalString (i.virtualType != null) "mode ${i.virtualType}"} \
+              user "${i.virtualOwner}"
+            '';
+            postStop = ''
+              ip link del ${i.name}
+            '';
           };
 
-        createBridgeDevice = n: v:
-          let
+        createBridgeDevice = n: v: nameValuePair "${n}-netdev"
+          (let
             deps = map (i: "sys-subsystem-net-devices-${i}.device") v.interfaces;
           in
           { description = "Bridge Interface ${n}";
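Review bot: In `postStop`, `ip link del ${i.name}` interpolates the interface name unquoted, while the `script` just above and the other `postStop` blocks in this diff quote it; use `ip link del "${i.name}"`. The old `ExecStart` did not go through a shell, whereas `script` does, and double quotes still leave `$`, backticks and `"` inside `i.name` or `i.virtualOwner` live. `${escapeShellArg i.name}` and `${escapeShellArg i.virtualOwner}` would keep those values as data, assuming `lib` is in scope as the unqualified `optionalString` suggests. Separately, the unit goes from `requiredBy` to `wantedBy` for `sys-subsystem-net-devices-${i.name}.device`, which weakens the dependency; a comment saying this is intended would help.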
@@ -725,10 +738,10 @@ in
                 ip link set "${n}" down
                 brctl delbr "${n}"
               '';
-          };
+          });
 
-        createBondDevice = n: v:
-          let
+        createBondDevice = n: v: nameValuePair "${n}-netdev"
+          (let
             deps = map (i: "sys-subsystem-net-devices-${i}.device") v.interfaces;
           in
           { description = "Bond Interface ${n}";
@@ -764,10 +777,10 @@ in
               ifenslave -d "${n}"
               ip link delete "${n}"
             '';
-          };
+          });
 
-        createSitDevice = n: v:
-          let
+        createSitDevice = n: v: nameValuePair "${n}-netdev"
+          (let
             deps = optional (v.dev != null) "sys-subsystem-net-devices-${v.dev}.device";
           in
           { description = "6-to-4 Tunnel Interface ${n}";
@@ -790,10 +803,10 @@ in
             postStop = ''
               ip link delete "${n}"
             '';
-          };
+          });
 
-        createVlanDevice = n: v:
-          let
+        createVlanDevice = n: v: nameValuePair "${n}-netdev"
+          (let
             deps = [ "sys-subsystem-net-devices-${v.interface}.device" ];
           in
           { description = "Vlan Interface ${n}";
@@ -812,15 +825,15 @@ in
             postStop = ''
               ip link delete "${n}"
             '';
-          };
+          });
 
       in listToAttrs (
            map configureInterface interfaces ++
            map createTunDevice (filter (i: i.virtual) interfaces))
-         // mapAttrs createBridgeDevice cfg.bridges
-         // mapAttrs createBondDevice cfg.bonds
-         // mapAttrs createSitDevice cfg.sits
-         // mapAttrs createVlanDevice cfg.vlans
+         // mapAttrs' createBridgeDevice cfg.bridges
+         // mapAttrs' createBondDevice cfg.bonds
+         // mapAttrs' createSitDevice cfg.sits
+         // mapAttrs' createVlanDevice cfg.vlans
          // { "network-setup" = networkSetup; };
 
     # Set the host and domain names in the activation script.  Don't
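Review bot: All five device builders now key their unit as `<name>-netdev` and the results are combined with `//`, so two devices of different kinds that share a name (for example one in `cfg.bridges` and one in `cfg.vlans`) silently collapse into one unit, the right-hand one winning. That was already the case with the bare names, but it deserves an `assertions` entry or at least a comment at the merge, e.g. `# NOTE: names must be unique across bridges, bonds, sits and vlans; // keeps only the last`. Anything elsewhere that still refers to the old `${n}.service` unit names would also need updating; that is not visible in this diff.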