Diffstat (limited to 'nixos/modules/tasks')
-rw-r--r-- | nixos/modules/tasks/auto-upgrade.nix | 2 | ||||
-rw-r--r-- | nixos/modules/tasks/filesystems/zfs.nix | 24 | ||||
-rw-r--r-- | nixos/modules/tasks/network-interfaces-systemd.nix | 25 | ||||
-rw-r--r-- | nixos/modules/tasks/network-interfaces.nix | 15 |
4 files changed, 34 insertions, 32 deletions
diff --git a/nixos/modules/tasks/auto-upgrade.nix b/nixos/modules/tasks/auto-upgrade.nix
index 18753ae0c1ae..7fe066991918 100644
--- a/nixos/modules/tasks/auto-upgrade.nix
+++ b/nixos/modules/tasks/auto-upgrade.nix
@@ -88,7 +88,7 @@ let cfg = config.system.autoUpgrade; in HOME = "/root"; } // config.networking.proxy.envVars;
- path = [ pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gitMinimal config.nix.package.out ];
+ path = with pkgs; [ coreutils gnutar xz.bin gzip gitMinimal config.nix.package.out ];
 script = let nixos-rebuild = "${config.system.build.nixos-rebuild}/bin/nixos-rebuild";
diff --git a/nixos/modules/tasks/filesystems/zfs.nix b/nixos/modules/tasks/filesystems/zfs.nix
index 2ed8c5aa2927..fe11917c609c 100644
--- a/nixos/modules/tasks/filesystems/zfs.nix
+++ b/nixos/modules/tasks/filesystems/zfs.nix
@@ -16,9 +16,7 @@ let inInitrd = any (fs: fs == "zfs") config.boot.initrd.supportedFilesystems; inSystem = any (fs: fs == "zfs") config.boot.supportedFilesystems;
- enableAutoSnapshots = cfgSnapshots.enable;
- enableAutoScrub = cfgScrub.enable;
- enableZfs = inInitrd || inSystem || enableAutoSnapshots || enableAutoScrub;
+ enableZfs = inInitrd || inSystem;
 kernel = config.boot.kernelPackages;
@@ -268,7 +266,12 @@ in }; services.zfs.trim = {
- enable = mkEnableOption "Enables periodic TRIM on all ZFS pools.";
+ enable = mkOption {
+ description = "Whether to enable periodic TRIM on all ZFS pools.";
+ default = true;
+ example = false;
+ type = types.bool;
+ };
 interval = mkOption { default = "weekly";
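Review bot: Setting `cfgSnapshots.enable` or `cfgScrub.enable` on a host where "zfs" is in neither `supportedFilesystems` list now silently produces no units. `enableZfs` drops both terms in the `-16,9` hunk, and the later `mkIf (enableZfs && …)` hunks gate the snapshot and scrub services on it. An operator who relied on the old implicit enable would lose scheduled snapshots and scrubs after an upgrade without any evaluation error. An assertion would make this visible, for example `{ assertion = cfgSnapshots.enable -> enableZfs; message = "ZFS auto-snapshots require zfs in boot.supportedFilesystems."; }` with a matching one for `cfgScrub` (not for trim, which now defaults to true). The `let` block and the module's config section continue outside the hunk, so where the assertion belongs cannot be seen from here.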
@@ -387,10 +390,11 @@ in }; environment.etc."zfs/zed.d".source = "${packages.zfsUser}/etc/zfs/zed.d/";
+ environment.etc."zfs/zpool.d".source = "${packages.zfsUser}/etc/zfs/zpool.d/";
 system.fsPackages = [ packages.zfsUser ]; # XXX: needed? zfs doesn't have (need) a fsck environment.systemPackages = [ packages.zfsUser ]
- ++ optional enableAutoSnapshots autosnapPkg; # so the user can run the command to see flags
+ ++ optional cfgSnapshots.enable autosnapPkg; # so the user can run the command to see flags
 services.udev.packages = [ packages.zfsUser ]; # to hook zvol naming, etc. systemd.packages = [ packages.zfsUser ];
@@ -482,7 +486,7 @@ in systemd.targets.zfs.wantedBy = [ "multi-user.target" ]; })
- (mkIf enableAutoSnapshots {
+ (mkIf (enableZfs && cfgSnapshots.enable) {
 systemd.services = let descr = name: if name == "frequent" then "15 mins" else if name == "hourly" then "hour"
@@ -520,7 +524,7 @@ in }) snapshotNames); })
- (mkIf enableAutoScrub {
+ (mkIf (enableZfs && cfgScrub.enable) {
 systemd.services.zfs-scrub = { description = "ZFS pools scrubbing"; after = [ "zfs-import.target" ];
@@ -547,15 +551,13 @@ in }; })
- (mkIf cfgTrim.enable {
+ (mkIf (enableZfs && cfgTrim.enable) {
 systemd.services.zpool-trim = { description = "ZFS pools trim"; after = [ "zfs-import.target" ]; path = [ packages.zfsUser ]; startAt = cfgTrim.interval;
- script = ''
- zpool list -H -o name | xargs -n1 zpool trim
- '';
+ serviceConfig.ExecStart = "${pkgs.runtimeShell} -c 'zpool list -H -o name | xargs --no-run-if-empty -n1 zpool trim'";
 }; }) ];
diff --git a/nixos/modules/tasks/network-interfaces-systemd.nix b/nixos/modules/tasks/network-interfaces-systemd.nix
index 34e270667151..9ffa1089ee69 100644
--- a/nixos/modules/tasks/network-interfaces-systemd.nix
+++ b/nixos/modules/tasks/network-interfaces-systemd.nix
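Review bot: In the `-547,15` hunk the new `ExecStart` pipeline exits with the status of `xargs` only, so a failing `zpool list` leaves the `zpool-trim` unit reported as successful. Assuming `pkgs.runtimeShell` is bash, `"${pkgs.runtimeShell} -o pipefail -c '…'"` would surface that failure. The hunk also carries no comment on why `script` was replaced by a hand-quoted `sh -c` string; a short one such as `# ExecStart instead of script: <reason>` would stop the next maintainer from reverting it. Because `services.zfs.trim.enable` now defaults to true, it is worth confirming how `zpool trim` exits on pools without TRIM-capable devices; a non-zero exit there would make the timer-driven unit fail on every run.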
@@ -12,7 +12,7 @@ let i.ipv4.addresses ++ optionals cfg.enableIPv6 i.ipv6.addresses;
- dhcpStr = useDHCP: if useDHCP == true || useDHCP == null then "both" else "no";
+ dhcpStr = useDHCP: if useDHCP == true || useDHCP == null then "yes" else "no";
 slaves = concatLists (map (bond: bond.interfaces) (attrValues cfg.bonds))
@@ -31,13 +31,19 @@ in message = "networking.defaultGatewayWindowSize is not supported by networkd."; } { assertion = cfg.vswitches == {};
- message = "networking.vswichtes are not supported by networkd.";
+ message = "networking.vswitches are not supported by networkd.";
 } { assertion = cfg.defaultGateway == null || cfg.defaultGateway.interface == null; message = "networking.defaultGateway.interface is not supported by networkd."; } { assertion = cfg.defaultGateway6 == null || cfg.defaultGateway6.interface == null; message = "networking.defaultGateway6.interface is not supported by networkd.";
+ } {
+ assertion = cfg.useDHCP == false;
+ message = ''
+ networking.useDHCP is not supported by networkd.
+ Please use per interface configuration and set the global option to false.
+ '';
 } ] ++ flip mapAttrsToList cfg.bridges (n: { rstp, ... }: { assertion = !rstp; message = "networking.bridges.${n}.rstp is not supported by networkd.";
@@ -56,9 +62,7 @@ in genericNetwork = override: let gateway = optional (cfg.defaultGateway != null) cfg.defaultGateway.address ++ optional (cfg.defaultGateway6 != null) cfg.defaultGateway6.address;
- in {
- DHCP = override (dhcpStr cfg.useDHCP);
- } // optionalAttrs (gateway != [ ]) {
+ in optionalAttrs (gateway != [ ]) {
 routes = override [ { routeConfig = {
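Review bot: The assertion message added in the `-31,13` hunk tells the user to "use per interface configuration" without naming the option to set. The option description changed in network-interfaces.nix names `networking.interfaces.<name>.useDHCP`, and the message should say the same, for example `Please set networking.interfaces.<name>.useDHCP per interface and set networking.useDHCP to false.`. If `networking.useDHCP` defaults to true (its default is not visible in this diff), every existing networkd configuration will fail evaluation until the option is set explicitly, which deserves a release-notes entry. The assertions list starts and ends outside the hunk.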
@@ -72,15 +76,6 @@ in }; in mkMerge [ { enable = true;
- networks."99-main" = (genericNetwork mkDefault) // {
- # We keep the "broken" behaviour of applying this to all interfaces.
- # In general we want to get rid of this workaround but there hasn't
- # been any work on that.
- # See the following issues for details:
- # - https://github.com/NixOS/nixpkgs/issues/18962
- # - https://github.com/NixOS/nixpkgs/issues/61629
- matchConfig = mkDefault { Name = "*"; };
- };
 } (mkMerge (forEach interfaces (i: { netdevs = mkIf i.virtual ({
@@ -97,7 +92,7 @@ in networks."40-${i.name}" = mkMerge [ (genericNetwork mkDefault) { name = mkDefault i.name; DHCP = mkForce (dhcpStr
- (if i.useDHCP != null then i.useDHCP else cfg.useDHCP && interfaceIps i == [ ]));
+ (if i.useDHCP != null then i.useDHCP else false));
 address = forEach (interfaceIps i) (ip: "${ip.address}/${toString ip.prefixLength}"); networkConfig.IPv6PrivacyExtensions = "kernel";
diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix
index 5bf7b0d227f0..31e2ed1cd1ea 100644
--- a/nixos/modules/tasks/network-interfaces.nix
+++ b/nixos/modules/tasks/network-interfaces.nix
@@ -305,7 +305,7 @@ let optional (defined ipv6Address && defined ipv6PrefixLength) { address = ipv6Address; prefixLength = ipv6PrefixLength; }))
- ({ options.warnings = options.warnings; })
+ ({ options.warnings = options.warnings; options.assertions = options.assertions; })
 ]; };
@@ -903,6 +903,11 @@ in Whether to use DHCP to obtain an IP address and other configuration for all network interfaces that are not manually configured.
+
+ Using this option is highly discouraged and also incompatible with
+ <option>networking.useNetworkd</option>. Please use
+ <option>networking.interfaces.<name>.useDHCP</option> instead
+ and set this to false.
 ''; };
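Review bot: `dhcpStr` (first hunk of network-interfaces-systemd.nix) still maps `null` to "yes", but after the `-97,7` hunk the only visible call site converts null to `false` before calling it, and the `genericNetwork` call was removed. That leaves a dead branch that fails open: a later caller passing an unset value would turn DHCP on for that interface. Making the helper fail closed reads more plainly, `dhcpStr = useDHCP: if useDHCP == true then "yes" else "no";`, with the call site reduced to `DHCP = mkForce (dhcpStr (i.useDHCP == true));`. Whether `dhcpStr` has other callers outside these hunks cannot be seen from the diff.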
@@ -967,9 +972,9 @@ in "net.ipv6.conf.default.disable_ipv6" = mkDefault (!cfg.enableIPv6); "net.ipv6.conf.all.forwarding" = mkDefault (any (i: i.proxyARP) interfaces); } // listToAttrs (flip concatMap (filter (i: i.proxyARP) interfaces)
- (i: forEach [ "4" "6" ] (v: nameValuePair "net.ipv${v}.conf.${i.name}.proxy_arp" true)))
+ (i: forEach [ "4" "6" ] (v: nameValuePair "net.ipv${v}.conf.${replaceChars ["."] ["/"] i.name}.proxy_arp" true)))
 // listToAttrs (forEach (filter (i: i.preferTempAddress) interfaces)
- (i: nameValuePair "net.ipv6.conf.${i.name}.use_tempaddr" 2));
+ (i: nameValuePair "net.ipv6.conf.${replaceChars ["."] ["/"] i.name}.use_tempaddr" 2));
 # Capabilities won't work unless we have at-least a 4.3 Linux # kernel because we need the ambient capability
@@ -1092,7 +1097,7 @@ in destination = "/etc/udev/rules.d/98-${name}"; text = '' # enable and prefer IPv6 privacy addresses by default
- ACTION=="add", SUBSYSTEM=="net", RUN+="${pkgs.procps}/bin/sysctl net.ipv6.conf.%k.use_tempaddr=2"
+ ACTION=="add", SUBSYSTEM=="net", RUN+="${pkgs.bash}/bin/sh -c 'echo 2 > /proc/sys/net/ipv6/conf/%k/use_tempaddr'"
 ''; }) (pkgs.writeTextFile rec {
@@ -1100,7 +1105,7 @@ in destination = "/etc/udev/rules.d/99-${name}"; text = concatMapStrings (i: '' # enable IPv6 privacy addresses but prefer EUI-64 addresses for ${i.name}
- ACTION=="add", SUBSYSTEM=="net", RUN+="${pkgs.procps}/bin/sysctl net.ipv6.conf.${i.name}.use_tempaddr=1"
+ ACTION=="add", SUBSYSTEM=="net", RUN+="${pkgs.procps}/bin/sysctl net.ipv6.conf.${replaceChars ["."] ["/"] i.name}.use_tempaddr=1"
 '') (filter (i: !i.preferTempAddress) interfaces); }) ] ++ lib.optional (cfg.wlanInterfaces != {}) |
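Review bot: `replaceChars ["."] ["/"] i.name` is written out twice in the `-967,9` hunk and a third time in the udev rule of the `-1100,7` hunk, with no comment explaining it. A reader has to know that in a dot-separated sysctl key a `/` stands for a literal dot in the interface name, which matters for names such as `eth0.10` (constructed example). A let-bound helper would keep the three sites in step, e.g. `sysctlIfName = replaceChars ["."] ["/"];  # sysctl: "/" inside a dotted key means a literal "." in the name`. The attribute set and the `let` it would live in start outside the hunk.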
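Review bot: The new rule in the `-1092,7` hunk expands `%k` inside a string that `sh -c` then parses as root, where the old rule passed it as part of a single `sysctl` argument with no shell involved. Kernel interface names are not limited to shell-safe characters, and unless udev escapes the substitution (not established by anything on this page) the device name becomes shell input. A shell-free form that still handles dots in names would be `RUN+="${pkgs.procps}/bin/sysctl net/ipv6/conf/%k/use_tempaddr=2"`, which relies on sysctl accepting `/` as the key separator; that should be verified against the packaged procps. This would also match the `-1100,7` hunk, which keeps `sysctl` and does not introduce a shell.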