commit ed854ed0e3d7da87e513672c40d2001bdf815521 · pyrox.dev/nixpkgs

nixos/lib/systemd-lib.nix

···

       148
        
           optional (attr ? ${name} && !(min <= attr.${name} && max >= attr.${name}))

     

       149
        
             "Systemd ${group} field `${name}' is outside the range [${toString min},${toString max}]";

     

       150
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       151
        
         assertMinimum = name: min: group: attr:

     

       152
        
           optional (attr ? ${name} && attr.${name} < min)

     

       153
        
             "Systemd ${group} field `${name}' must be greater than or equal to ${toString min}";

···

       148
        
           optional (attr ? ${name} && !(min <= attr.${name} && max >= attr.${name}))

     

       149
        
             "Systemd ${group} field `${name}' is outside the range [${toString min},${toString max}]";

     

       150
        
       

     

       151
       +
         assertRangeOrOneOf = name: min: max: values: group: attr:

     

       152
       +
           optional (attr ? ${name} && !((min <= attr.${name} && max >= attr.${name}) || elem attr.${name} values))

     

       153
       +
             "Systemd ${group} field `${name}' is not a value in range [${toString min},${toString max}], or one of ${toString values}";

     

       154
       +
       

     

       155
        
         assertMinimum = name: min: group: attr:

     

       156
        
           optional (attr ? ${name} && attr.${name} < min)

     

       157
        
             "Systemd ${group} field `${name}' must be greater than or equal to ${toString min}";

nixos/lib/systemd-network-units.nix

···

       25
        
           commonMatchText def + ''

     

       26
        
             [NetDev]

     

       27
        
             ${attrsToSection def.netdevConfig}

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       28
        
           '' + optionalString (def.vlanConfig != { }) ''

     

       29
        
             [VLAN]

     

       30
        
             ${attrsToSection def.vlanConfig}

···

       25
        
           commonMatchText def + ''

     

       26
        
             [NetDev]

     

       27
        
             ${attrsToSection def.netdevConfig}

     

       28
       +
           '' + optionalString (def.bridgeConfig != { }) ''

     

       29
       +
             [Bridge]

     

       30
       +
             ${attrsToSection def.bridgeConfig}

     

       31
        
           '' + optionalString (def.vlanConfig != { }) ''

     

       32
        
             [VLAN]

     

       33
        
             ${attrsToSection def.vlanConfig}

+42

nixos/modules/system/boot/networkd.nix

···

       186
        
               (assertNetdevMacAddress "MACAddress")

     

       187
        
             ];

     

       188
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       189
        
             sectionVLAN = checkUnitConfig "VLAN" [

     

       190
        
               (assertOnlyFields [

     

       191
        
                 "Id"

     
···

       1631
        
             description = ''

     

       1632
        
               Each attribute in this set specifies an option in the

     

       1633
        
               `[Netdev]` section of the unit.  See

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       1634
        
               {manpage}`systemd.netdev(5)` for details.

     

       1635
        
             '';

     

       1636
        
           };

···

       186
        
               (assertNetdevMacAddress "MACAddress")

     

       187
        
             ];

     

       188
        
       

     

       189
       +
             sectionBridge = checkUnitConfig "Bridge" [

     

       190
       +
               (assertOnlyFields [

     

       191
       +
                 "HelloTimeSec"

     

       192
       +
                 "MaxAgeSec"

     

       193
       +
                 "ForwardDelaySec"

     

       194
       +
                 "AgeingTimeSec"

     

       195
       +
                 "Priority"

     

       196
       +
                 "GroupForwardMask"

     

       197
       +
                 "DefaultPVID"

     

       198
       +
                 "MulticastQuerier"

     

       199
       +
                 "MulticastSnooping"

     

       200
       +
                 "VLANFiltering"

     

       201
       +
                 "VLANProtocol"

     

       202
       +
                 "STP"

     

       203
       +
                 "MulticastIGMPVersion"

     

       204
       +
               ])

     

       205
       +
               (assertInt "HelloTimeSec")

     

       206
       +
               (assertInt "MaxAgeSec")

     

       207
       +
               (assertInt "ForwardDelaySec")

     

       208
       +
               (assertInt "AgeingTimeSec")

     

       209
       +
               (assertRange "Priority" 0 65535)

     

       210
       +
               (assertRange "GroupForwardMask" 0 65535)

     

       211
       +
               (assertRangeOrOneOf "DefaultPVID" 0 4094 ["none"])

     

       212
       +
               (assertValueOneOf "MulticastQuerier" boolValues)

     

       213
       +
               (assertValueOneOf "MulticastSnooping" boolValues)

     

       214
       +
               (assertValueOneOf "VLANFiltering" boolValues)

     

       215
       +
               (assertValueOneOf "VLANProtocol" ["802.1q" "802.ad"])

     

       216
       +
               (assertValueOneOf "STP" boolValues)

     

       217
       +
               (assertValueOneOf "MulticastIGMPVersion" [2 3])

     

       218
       +
             ];

     

       219
       +
       

     

       220
        
             sectionVLAN = checkUnitConfig "VLAN" [

     

       221
        
               (assertOnlyFields [

     

       222
        
                 "Id"

     
···

       1662
        
             description = ''

     

       1663
        
               Each attribute in this set specifies an option in the

     

       1664
        
               `[Netdev]` section of the unit.  See

     

       1665
       +
               {manpage}`systemd.netdev(5)` for details.

     

       1666
       +
             '';

     

       1667
       +
           };

     

       1668
       +
       

     

       1669
       +
           bridgeConfig = mkOption {

     

       1670
       +
             default = {};

     

       1671
       +
             example = { STP = true; };

     

       1672
       +
             type = types.addCheck (types.attrsOf unitOption) check.netdev.sectionBridge;

     

       1673
       +
             description = ''

     

       1674
       +
               Each attribute in this set specifies an option in the

     

       1675
       +
               `[Bridge]` section of the unit.  See

     

       1676
        
               {manpage}`systemd.netdev(5)` for details.

     

       1677
        
             '';

     

       1678
        
           };

nixos/tests/all-tests.nix

···

       899
        
         systemd-lock-handler = runTestOn ["aarch64-linux" "x86_64-linux"] ./systemd-lock-handler.nix;

     

       900
        
         systemd-machinectl = handleTest ./systemd-machinectl.nix {};

     

       901
        
         systemd-networkd = handleTest ./systemd-networkd.nix {};

     

       0
        
       
     

       902
        
         systemd-networkd-dhcpserver = handleTest ./systemd-networkd-dhcpserver.nix {};

     

       903
        
         systemd-networkd-dhcpserver-static-leases = handleTest ./systemd-networkd-dhcpserver-static-leases.nix {};

     

       904
        
         systemd-networkd-ipv6-prefix-delegation = handleTest ./systemd-networkd-ipv6-prefix-delegation.nix {};

···

       899
        
         systemd-lock-handler = runTestOn ["aarch64-linux" "x86_64-linux"] ./systemd-lock-handler.nix;

     

       900
        
         systemd-machinectl = handleTest ./systemd-machinectl.nix {};

     

       901
        
         systemd-networkd = handleTest ./systemd-networkd.nix {};

     

       902
       +
         systemd-networkd-bridge = handleTest ./systemd-networkd-bridge.nix {};

     

       903
        
         systemd-networkd-dhcpserver = handleTest ./systemd-networkd-dhcpserver.nix {};

     

       904
        
         systemd-networkd-dhcpserver-static-leases = handleTest ./systemd-networkd-dhcpserver-static-leases.nix {};

     

       905
        
         systemd-networkd-ipv6-prefix-delegation = handleTest ./systemd-networkd-ipv6-prefix-delegation.nix {};

+103

nixos/tests/systemd-networkd-bridge.nix

···

       1
       +
       /* This test ensures that we can configure spanning-tree protocol

     

       2
       +
          across bridges using systemd-networkd.

     

       3
       +
       

     

       4
       +
          Test topology:

     

       5
       +
       

     

       6
       +
                     1       2       3

     

       7
       +
              node1 --- sw1 --- sw2 --- node2

     

       8
       +
                          \     /

     

       9
       +
                         4 \   / 5

     

       10
       +
                            sw3

     

       11
       +
                             |

     

       12
       +
                           6 |

     

       13
       +
                             |

     

       14
       +
                           node3

     

       15
       +
       

     

       16
       +
          where switches 1, 2, and 3 bridge their links and use STP,

     

       17
       +
          and each link is labeled with the VLAN we are assigning it in

     

       18
       +
          virtualisation.vlans.

     

       19
       +
       */

     

       20
       +
       with builtins;

     

       21
       +
       let

     

       22
       +
         commonConf = {

     

       23
       +
           systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";

     

       24
       +
           networking.useNetworkd = true;

     

       25
       +
           networking.useDHCP = false;

     

       26
       +
           networking.firewall.enable = false;

     

       27
       +
         };

     

       28
       +
       

     

       29
       +
         generateNodeConf = { octet, vlan }:

     

       30
       +
           { lib, pkgs, config, ... }: {

     

       31
       +
             imports = [ common/user-account.nix commonConf ];

     

       32
       +
             virtualisation.vlans = [ vlan ];

     

       33
       +
             systemd.network = {

     

       34
       +
               enable = true;

     

       35
       +
               networks = {

     

       36
       +
                 "30-eth" = {

     

       37
       +
                   matchConfig.Name = "eth1";

     

       38
       +
                   address = [ "10.0.0.${toString octet}/24" ];

     

       39
       +
                 };

     

       40
       +
               };

     

       41
       +
             };

     

       42
       +
           };

     

       43
       +
       

     

       44
       +
         generateSwitchConf = vlans:

     

       45
       +
           { lib, pkgs, config, ... }: {

     

       46
       +
             imports = [ common/user-account.nix commonConf ];

     

       47
       +
             virtualisation.vlans = vlans;

     

       48
       +
             systemd.network = {

     

       49
       +
               enable = true;

     

       50
       +
               netdevs = {

     

       51
       +
                 "40-br0" = {

     

       52
       +
                   netdevConfig = {

     

       53
       +
                     Kind = "bridge";

     

       54
       +
                     Name = "br0";

     

       55
       +
                   };

     

       56
       +
                   bridgeConfig.STP = "yes";

     

       57
       +
                 };

     

       58
       +
               };

     

       59
       +
               networks = {

     

       60
       +
                 "30-eth" = {

     

       61
       +
                   matchConfig.Name = "eth*";

     

       62
       +
                   networkConfig.Bridge = "br0";

     

       63
       +
                 };

     

       64
       +
                 "40-br0" = { matchConfig.Name = "br0"; };

     

       65
       +
               };

     

       66
       +
             };

     

       67
       +
           };

     

       68
       +
       in import ./make-test-python.nix ({ pkgs, ... }: {

     

       69
       +
         name = "networkd";

     

       70
       +
         meta = with pkgs.lib.maintainers; { maintainers = [ picnoir ]; };

     

       71
       +
         nodes = {

     

       72
       +
           node1 = generateNodeConf {

     

       73
       +
             octet = 1;

     

       74
       +
             vlan = 1;

     

       75
       +
           };

     

       76
       +
           node2 = generateNodeConf {

     

       77
       +
             octet = 2;

     

       78
       +
             vlan = 3;

     

       79
       +
           };

     

       80
       +
           node3 = generateNodeConf {

     

       81
       +
             octet = 3;

     

       82
       +
             vlan = 6;

     

       83
       +
           };

     

       84
       +
           sw1 = generateSwitchConf [ 1 2 4 ];

     

       85
       +
           sw2 = generateSwitchConf [ 2 3 5 ];

     

       86
       +
           sw3 = generateSwitchConf [ 4 5 6 ];

     

       87
       +
         };

     

       88
       +
         testScript = ''

     

       89
       +
           network_nodes = [node1, node2, node3]

     

       90
       +
           network_switches = [sw1, sw2, sw3]

     

       91
       +
           start_all()

     

       92
       +
       

     

       93
       +
           for n in network_nodes + network_switches:

     

       94
       +
               n.wait_for_unit("systemd-networkd-wait-online.service")

     

       95
       +
       

     

       96
       +
           node1.succeed("ping 10.0.0.2 -w 10 -c 1")

     

       97
       +
           node1.succeed("ping 10.0.0.3 -w 10 -c 1")

     

       98
       +
           node2.succeed("ping 10.0.0.1 -w 10 -c 1")

     

       99
       +
           node2.succeed("ping 10.0.0.3 -w 10 -c 1")

     

       100
       +
           node3.succeed("ping 10.0.0.1 -w 10 -c 1")

     

       101
       +
           node3.succeed("ping 10.0.0.2 -w 10 -c 1")

     

       102
       +
         '';

     

       103
       +
       })