nixos/networkd: add vrfConfig option to netdevs

This commit is contained in:
Maximilian Bosch 2020-01-25 16:46:39 +01:00
parent 21ae4ae879
commit bc130855a7
No known key found for this signature in database
GPG Key ID: 091DBF4D1FC46B8E

View File

@ -55,6 +55,11 @@ let
(assertMacAddress "MACAddress") (assertMacAddress "MACAddress")
]; ];
checkVRF = checkUnitConfig "VRF" [
(assertOnlyFields [ "Table" ])
(assertMinimum "Table" 0)
];
# NOTE The PrivateKey directive is missing on purpose here, please # NOTE The PrivateKey directive is missing on purpose here, please
# do not add it to this list. The nix store is world-readable let's # do not add it to this list. The nix store is world-readable let's
# refrain ourselves from providing a footgun. # refrain ourselves from providing a footgun.
@ -349,6 +354,21 @@ let
''; '';
}; };
vrfConfig = mkOption {
default = {};
example = { Table = 2342; };
type = types.addCheck (types.attrsOf unitOption) checkVRF;
description = ''
Each attribute in this set specifies an option in the
<literal>[VRF]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
A detailed explanation about how VRFs work can be found in the
<link xlink:href="https://www.kernel.org/doc/Documentation/networking/vrf.txt">kernel
docs</link>.
'';
};
wireguardConfig = mkOption { wireguardConfig = mkOption {
default = {}; default = {};
example = { example = {
@ -844,6 +864,11 @@ let
[Xfrm] [Xfrm]
${attrsToSection def.xfrmConfig} ${attrsToSection def.xfrmConfig}
''}
${optionalString (def.vrfConfig != { }) ''
[VRF]
${attrsToSection def.vrfConfig}
''} ''}
${optionalString (def.wireguardConfig != { }) '' ${optionalString (def.wireguardConfig != { }) ''
[WireGuard] [WireGuard]