diff options
| author | Sandro <sandro.jaeckel@gmail.com> | 2023-01-23 23:25:03 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-01-23 23:25:03 +0100 |
| commit | e3d6edd75fc763e28c0e55f0586e74992840b8b8 (patch) | |
| tree | 2743aa705bc051c39adc8a09dba13c72f4a2e989 /nixos | |
| parent | ed1593067597960ff68e96a68eb506fa00b14596 (diff) | |
| parent | 0e9cb9fcfda189bde0cd6bbd47773b5e7b041e3d (diff) | |
Merge pull request #209045 from Izorkin/update-dhcpcd-ipv6rs
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/doc/manual/from_md/release-notes/rl-2305.section.xml | 7 | ||||
| -rw-r--r-- | nixos/doc/manual/release-notes/rl-2305.section.md | 2 | ||||
| -rw-r--r-- | nixos/modules/services/networking/dhcpcd.nix | 9 |
3 files changed, 18 insertions, 0 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml index 60c5fdaa5a88f..6977203788cca 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml @@ -532,6 +532,13 @@ </listitem> <listitem> <para> + <literal>services.dhcpcd</literal> service now don’t solicit + or accept IPv6 Router Advertisements on interfaces that use + static IPv6 addresses. + </para> + </listitem> + <listitem> + <para> The module <literal>services.headscale</literal> was refactored to be compliant with <link xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC diff --git a/nixos/doc/manual/release-notes/rl-2305.section.md b/nixos/doc/manual/release-notes/rl-2305.section.md index 0bf1ad38eb018..09f4343a159b2 100644 --- a/nixos/doc/manual/release-notes/rl-2305.section.md +++ b/nixos/doc/manual/release-notes/rl-2305.section.md @@ -134,6 +134,8 @@ In addition to numerous new and upgraded packages, this release has the followin - `services.chronyd` is now started with additional systemd sandbox/hardening options for better security. +- `services.dhcpcd` service now don't solicit or accept IPv6 Router Advertisements on interfaces that use static IPv6 addresses. + - The module `services.headscale` was refactored to be compliant with [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md). To be precise, this means that the following things have changed: - Most settings has been migrated under [services.headscale.settings](#opt-services.headscale.settings) which is an attribute-set that diff --git a/nixos/modules/services/networking/dhcpcd.nix b/nixos/modules/services/networking/dhcpcd.nix index ac5d45a65e3b8..9a0b29fbe5a7f 100644 --- a/nixos/modules/services/networking/dhcpcd.nix +++ b/nixos/modules/services/networking/dhcpcd.nix @@ -33,6 +33,13 @@ let (if !config.networking.useDHCP && enableDHCP then map (i: i.name) (filter (i: i.useDHCP == true) interfaces) else null); + staticIPv6Addresses = map (i: i.name) (filter (i: i.ipv6.addresses != [ ]) interfaces); + + noIPv6rs = concatStringsSep "\n" (map (name: '' + interface ${name} + noipv6rs + '') staticIPv6Addresses); + # Config file adapted from the one that ships with dhcpcd. dhcpcdConf = pkgs.writeText "dhcpcd.conf" '' @@ -75,6 +82,8 @@ let ''} ${cfg.extraConfig} + + ${optionalString config.networking.enableIPv6 noIPv6rs} ''; exitHook = pkgs.writeText "dhcpcd.exit-hook" |