From e8e980e0e77a3c0e8398e9c009c27558e0ba22b3 Mon Sep 17 00:00:00 2001 From: "Netix (Espinet François)" Date: Sat, 29 Dec 2018 11:10:02 +0100 Subject: openvswitch: 2.5.4 -> 2.12.0 Openvswitch was upgraded to the latest stable version (currenty 2.12.0). This remove ovs-monitor-ipsec commands. LTS version is still available using `config.virtualisation.vswitch.package = pkgs.openvswitch-lts` it has been upgraded to 2.5.6. This commit is a split from the original PR #35127. --- nixos/modules/virtualisation/openvswitch.nix | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/modules/virtualisation/openvswitch.nix b/nixos/modules/virtualisation/openvswitch.nix index edec37402308..6b8ad83661fe 100644 --- a/nixos/modules/virtualisation/openvswitch.nix +++ b/nixos/modules/virtualisation/openvswitch.nix @@ -42,6 +42,9 @@ in { default = false; description = '' Whether to start racoon service for openvswitch. + Supported only if openvswitch version is less than 2.6.0. + Use virtualisation.vswitch.package = pkgs.openvswitch-lts + for a version that supports ipsec over GRE. ''; }; }; @@ -89,6 +92,13 @@ in { "${cfg.package}/share/openvswitch/vswitch.ovsschema" fi chmod -R +w /var/db/openvswitch + if ${cfg.package}/bin/ovsdb-tool needs-conversion /var/db/openvswitch/conf.db | grep -q "yes" + then + echo "Performing database upgrade" + ${cfg.package}/bin/ovsdb-tool convert /var/db/openvswitch/conf.db + else + echo "Database already up to date" + fi ''; serviceConfig = { ExecStart = @@ -133,7 +143,7 @@ in { }; } - (mkIf cfg.ipsec { + (mkIf (cfg.ipsec && (versionOlder cfg.package.version "2.6.0")) { services.racoon.enable = true; services.racoon.configPath = "${runDir}/ipsec/etc/racoon/racoon.conf"; @@ -172,5 +182,4 @@ in { ''; }; })])); - } -- cgit 1.4.1 From fc7070d133520a0bcb97c5350b0bfe30162f7f89 Mon Sep 17 00:00:00 2001 From: Enno Lohmeier Date: Thu, 7 Nov 2019 20:35:17 +0100 Subject: nixos/containers: fix handling of cfg.additionalCapabilities --- nixos/modules/virtualisation/containers.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix index 691ee2c136ec..09678ce9ea71 100644 --- a/nixos/modules/virtualisation/containers.nix +++ b/nixos/modules/virtualisation/containers.nix @@ -149,7 +149,7 @@ let --setenv PATH="$PATH" \ ${optionalString cfg.ephemeral "--ephemeral"} \ ${if cfg.additionalCapabilities != null && cfg.additionalCapabilities != [] then - ''--capability="${concatStringsSep " " cfg.additionalCapabilities}"'' else "" + ''--capability="${concatStringsSep "," cfg.additionalCapabilities}"'' else "" } \ ${if cfg.tmpfs != null && cfg.tmpfs != [] then ''--tmpfs=${concatStringsSep " --tmpfs=" cfg.tmpfs}'' else "" -- cgit 1.4.1 From edbf94d2ee8b4ba0d50f18752641c1d92a7d645b Mon Sep 17 00:00:00 2001 From: Christian Kauhaus Date: Sun, 24 Nov 2019 12:56:44 +0100 Subject: connman: move options to services As part of the networking.* name space cleanup, connman should be moved to services.connman. The same will happen for example with networkmanager in a separate PR. --- nixos/modules/rename.nix | 1 + nixos/modules/services/networking/connman.nix | 10 +++++----- nixos/modules/virtualisation/qemu-vm.nix | 2 +- 3 files changed, 7 insertions(+), 6 deletions(-) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index 7d8cf55b827a..a4c1c79f3c4e 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -10,6 +10,7 @@ with lib; (mkRenamedOptionModule [ "networking" "enableRalinkFirmware" ] [ "hardware" "enableRedistributableFirmware" ]) (mkRenamedOptionModule [ "networking" "enableRTL8192cFirmware" ] [ "hardware" "enableRedistributableFirmware" ]) (mkRenamedOptionModule [ "networking" "networkmanager" "useDnsmasq" ] [ "networking" "networkmanager" "dns" ]) + (mkRenamedOptionModule [ "networking" "connman" ] [ "services" "connman" ]) (mkChangedOptionModule [ "services" "printing" "gutenprint" ] [ "services" "printing" "drivers" ] (config: let enabled = getAttrFromPath [ "services" "printing" "gutenprint" ] config; diff --git a/nixos/modules/services/networking/connman.nix b/nixos/modules/services/networking/connman.nix index 31127f790499..cac517f410e5 100644 --- a/nixos/modules/services/networking/connman.nix +++ b/nixos/modules/services/networking/connman.nix @@ -4,7 +4,7 @@ with pkgs; with lib; let - cfg = config.networking.connman; + cfg = config.services.connman; configFile = pkgs.writeText "connman.conf" '' [General] NetworkInterfaceBlacklist=${concatStringsSep "," cfg.networkInterfaceBlacklist} @@ -17,7 +17,7 @@ in { options = { - networking.connman = { + services.connman = { enable = mkOption { type = types.bool; @@ -71,13 +71,13 @@ in { assertions = [{ assertion = !config.networking.useDHCP; - message = "You can not use services.networking.connman with services.networking.useDHCP"; + message = "You can not use services.connman with networking.useDHCP"; }{ assertion = config.networking.wireless.enable; - message = "You must use services.networking.connman with services.networking.wireless"; + message = "You must use services.connman with networking.wireless"; }{ assertion = !config.networking.networkmanager.enable; - message = "You can not use services.networking.connman with services.networking.networkmanager"; + message = "You can not use services.connman with networking.networkmanager"; }]; environment.systemPackages = [ connman ]; diff --git a/nixos/modules/virtualisation/qemu-vm.nix b/nixos/modules/virtualisation/qemu-vm.nix index e313d2b411bb..31d332e9f07a 100644 --- a/nixos/modules/virtualisation/qemu-vm.nix +++ b/nixos/modules/virtualisation/qemu-vm.nix @@ -620,7 +620,7 @@ in # Wireless won't work in the VM. networking.wireless.enable = mkVMOverride false; - networking.connman.enable = mkVMOverride false; + services.connman.enable = mkVMOverride false; # Speed up booting by not waiting for ARP. networking.dhcpcd.extraConfig = "noarp"; -- cgit 1.4.1