{ config, pkgs, ... }: with pkgs.lib; let cfg = config.networking; hasVirtuals = any (i: i.virtual) cfg.interfaces; in { ###### interface options = { networking.hostName = mkOption { default = "nixos"; description = '' The name of the machine. Leave it empty if you want to obtain it from a DHCP server (if using DHCP). ''; }; networking.enableIPv6 = mkOption { default = true; description = '' Whether to enable support for IPv6. ''; }; networking.defaultGateway = mkOption { default = ""; example = "131.211.84.1"; description = '' The default gateway. It can be left empty if it is auto-detected through DHCP. ''; }; networking.nameservers = mkOption { default = []; example = ["130.161.158.4" "130.161.33.17"]; description = '' The list of nameservers. It can be left empty if it is auto-detected through DHCP. ''; }; networking.domain = mkOption { default = ""; example = "home"; description = '' The domain. It can be left empty if it is auto-detected through DHCP. ''; }; networking.localCommands = mkOption { default = ""; example = "text=anything; echo You can put $text here."; description = '' Shell commands to be executed at the end of the network-interfaces Upstart job. Note that if you are using DHCP to obtain the network configuration, interfaces may not be fully configured yet. ''; }; networking.interfaces = mkOption { default = []; example = [ { name = "eth0"; ipAddress = "131.211.84.78"; subnetMask = "255.255.255.128"; } ]; description = '' The configuration for each network interface. If is true, then every interface not listed here will be configured using DHCP. ''; type = types.list types.optionSet; options = { name = mkOption { example = "eth0"; type = types.string; description = '' Name of the interface. ''; }; ipAddress = mkOption { default = ""; example = "10.0.0.1"; type = types.string; description = '' IP address of the interface. Leave empty to configure the interface using DHCP. ''; }; subnetMask = mkOption { default = ""; example = "255.255.255.0"; type = types.string; description = '' Subnet mask of the interface. Leave empty to use the default subnet mask. ''; }; macAddress = mkOption { default = ""; example = "00:11:22:33:44:55"; type = types.string; description = '' MAC address of the interface. Leave empty to use the default. ''; }; virtual = mkOption { default = false; type = types.bool; description = '' Whether this interface is virtual and should be created by tunctl. This is mainly useful for creating bridges between a host a virtual network such as VPN or a virtual machine. Defaults to tap device, unless interface contains "tun" in its name. ''; }; virtualOwner = mkOption { default = "root"; type = types.uniq types.string; description = '' In case of a virtual device, the user who owns it. ''; }; }; }; networking.ifaces = mkOption { default = listToAttrs (map (iface: { name = iface.name; value = iface; }) config.networking.interfaces); internal = true; description = '' The network interfaces in as an attribute set keyed on the interface name. ''; }; networking.bridges = mkOption { default = { }; example = { br0.interfaces = [ "eth0" "eth1" ]; br1.interfaces = [ "eth2" "wlan0" ]; }; description = '' This option allows you to define Ethernet bridge devices that connect physical networks together. The value of this option is an attribute set. Each attribute specifies a bridge, with the attribute name specifying the name of the bridge's network interface. ''; type = types.attrsOf types.optionSet; options = { interfaces = mkOption { example = [ "eth0" "eth1" ]; type = types.listOf types.string; description = "The physical network interfaces connected by the bridge."; }; }; }; networking.useDHCP = mkOption { default = true; merge = mergeEnableOption; description = '' Whether to use DHCP to obtain an IP adress and other configuration for all network interfaces that are not manually configured. ''; }; }; ###### implementation config = { boot.kernelModules = optional cfg.enableIPv6 "ipv6" ++ optional hasVirtuals "tun"; environment.systemPackages = [ pkgs.host pkgs.iproute pkgs.iputils pkgs.nettools pkgs.wirelesstools pkgs.rfkill pkgs.openresolv ] ++ optional (cfg.bridges != {}) pkgs.bridge_utils ++ optional hasVirtuals pkgs.tunctl ++ optional cfg.enableIPv6 pkgs.ndisc6; security.setuidPrograms = [ "ping" "ping6" ]; jobs.networkInterfaces = { name = "network-interfaces"; startOn = "stopped udevtrigger"; path = [ pkgs.iproute ]; preStart = '' set +e # continue in case of errors # Create virtual network interfaces ${flip concatMapStrings cfg.interfaces (i: optionalString i.virtual '' echo "Creating virtual network interface ${i.name}..." ${pkgs.tunctl}/bin/tunctl -t "${i.name}" -u "${i.virtualOwner}" '') } # Set MAC addresses of interfaces, if desired. ${flip concatMapStrings cfg.interfaces (i: optionalString (i.macAddress != "") '' echo "Setting MAC address of ${i.name} to ${i.macAddress}..." ip link set "${i.name}" address "${i.macAddress}" '') } for i in $(cd /sys/class/net && ls -d *); do echo "Bringing up network device $i..." ip link set "$i" up done # Create bridge devices. ${concatStrings (attrValues (flip mapAttrs cfg.bridges (n: v: '' echo "Creating bridge ${n}..." ${pkgs.bridge_utils}/sbin/brctl addbr "${n}" # Set bridge's hello time to 0 to avoid startup delays. ${pkgs.bridge_utils}/sbin/brctl setfd "${n}" 0 ${flip concatMapStrings v.interfaces (i: '' ${pkgs.bridge_utils}/sbin/brctl addif "${n}" "${i}" ip addr flush dev "${i}" '')} # !!! Should delete (brctl delif) any interfaces that # no longer belong to the bridge. '')))} # Configure the manually specified interfaces. ${flip concatMapStrings cfg.interfaces (i: optionalString (i.ipAddress != "") '' echo "Configuring interface ${i.name}..." ip addr add "${i.ipAddress}""${optionalString (i.subnetMask != "") ("/" + i.subnetMask)}" \ dev "${i.name}" '') } # Set the static DNS configuration, if given. cat | ${pkgs.openresolv}/sbin/resolvconf -a static <