nixos/home/routing: Initial working RSTP

2023-11-20 01:51:46 +00:00 · 2023-11-20 01:51:46 +00:00 · e6ad150865
commit e6ad150865
parent afe124a726
3 changed files with 89 additions and 11 deletions
--- a/flake.lock
+++ b/flake.lock
@ -560,11 +560,11 @@
    },
    "nixpkgs-mine": {
      "locked": {
-        "lastModified": 1698758299,
+        "lastModified": 1700347575,
-        "narHash": "sha256-J5Ljnna3fmtSRXvYOo0fm+65+lsP6FO1DXNp+fnSFA8=",
+        "narHash": "sha256-wHdY7YFRepLNtPRh7gBP8EDJRbqC/hwYWupxTof7PQ8=",
        "owner": "devplayer0",
        "repo": "nixpkgs",
-        "rev": "aebb3f35c0cb5270052dd4a1ac511cca5607a65e",
+        "rev": "72cc1ce8a7e476a724de861bbd066a1cb700e39b",
        "type": "github"
      },
      "original": {
@ -576,11 +576,11 @@
    },
    "nixpkgs-mine-stable": {
      "locked": {
-        "lastModified": 1698758314,
+        "lastModified": 1700347610,
-        "narHash": "sha256-n5lkK0deuU/yHN6c+d1IeGFWW0DIOXDe2ZQK0OdMyY4=",
+        "narHash": "sha256-NLRu2yPRc6BRIIcI0KG9csLGiAhmZG2JXLrJI+gLJQk=",
        "owner": "devplayer0",
        "repo": "nixpkgs",
-        "rev": "2e412711696ca846a039eafcc7a23e80d85de1e3",
+        "rev": "8b2769b59113858ecf4cf24ddae9ab1b8dd7920d",
        "type": "github"
      },
      "original": {
--- a/nixos/boxes/home/routing-common/default.nix
+++ b/nixos/boxes/home/routing-common/default.nix
@ -59,15 +59,27 @@ in
      let
        inherit (lib) mkIf mkMerge mkForce;
        inherit (lib.my) networkdAssignment;
        # TODO: Move into nixpkgs
        mstpd = pkgs.mstpd.overrideAttrs {
          patches = [ ./mstpd.patch ];
        };
      in
      {
        imports = [ (import ./dns.nix index) ];
        config = {
          environment = {
-            systemPackages = with pkgs; [
+            systemPackages = [
-              ethtool
+              pkgs.ethtool
              mstpd
            ];
            etc = {
              "bridge-stp.conf".text = ''
                MANAGE_MSTPD=n
                MSTP_BRIDGES=lan
              '';
            };
          };
          services = {
@ -82,10 +94,44 @@ in
              enable = true;
              openFirewall = true;
            };
            networkd-dispatcher = {
              enable = true;
              rules = {
                configure-mstpd = {
                  onState = [ "routable" ];
                  script = ''
                    #!${pkgs.runtimeShell}
                    if [ $IFACE = "lan" ]; then
                      ${mstpd}/sbin/mstpctl setforcevers $IFACE rstp
                    fi
                  '';
                };
              };
            };
          };
          networking.domain = "h.${pubDomain}";
          systemd = {
            services = {
              mstpd = {
                description = "MSTP daemon";
                before = [ "network-pre.target" ];
                serviceConfig = {
                  Type = "forking";
                  ExecStart = "${mstpd}/sbin/bridge-stp restart";
                  ExecReload = "${mstpd}/sbin/bridge-stp restart_config";
                  PIDFile = "/run/mstpd.pid";
                  Restart = "always";
                  PrivateTmp = true;
                  ProtectHome = true;
                };
                wantedBy = [ "multi-user.target" ];
              };
            };
          };
          systemd.network = {
            wait-online.enable = false;
            config = {
@ -112,9 +158,15 @@ in
                  Name = "wan";
                  Kind = "bridge";
                };
-                "25-lan".netdevConfig = {
+                "25-lan" = {
-                  Name = "lan";
+                  netdevConfig = {
-                  Kind = "bridge";
+                    Name = "lan";
                    Kind = "bridge";
                  };
                  extraConfig = ''
                    [Bridge]
                    STP=true
                  '';
                };
              }
--- a/nixos/boxes/home/routing-common/mstpd.patch
+++ b/nixos/boxes/home/routing-common/mstpd.patch
@ -0,0 +1,26 @@
 diff --git a/bridge-stp.in b/bridge-stp.in
 index 3807873..9c73126 100755
 --- a/bridge-stp.in
 +++ b/bridge-stp.in
@@ -31,6 +31,10 @@
 # bridge or any associated kernel network interfaces in any code paths that are
 # used when this script is called by the kernel.
 +# Ensure that we have a sane PATH.
 +PATH='/run/current-system/sw/bin'
 +export PATH
 +
 # Parse arguments.
 CalledAs="$(basename "$0")"
 if [ "$CalledAs" = 'mstpctl_restart_config' ]; then
@@ -62,10 +66,6 @@ fi
 # Ensure that we have a sane umask.
 umask 022
 -# Ensure that we have a sane PATH.
 -PATH='/sbin:/usr/sbin:/bin:/usr/bin'
 -export PATH
 -
 # Define some relevant paths.
 mstpctl='@mstpctlfile@'
 mstpd='@mstpdfile@'