maybe fix tc_cake

Charlotte 🦝 Delenk 2022-05-13 08:46:25 +01:00
parent 401060ad94
commit 30648174b9
Signed by: darkkirb
GPG key ID: AB2BD8DAF2E37122
4 changed files with 188 additions and 21 deletions


@ -1,4 +1,4 @@
{ config, pkgs, modulesPath, lib, nixos-hardware, mrobbetts-extra, ... } @ args: {
{ config, pkgs, modulesPath, lib, nixos-hardware, ... } @ args: {
networking.hostName = "nas";
networking.hostId = "70af00ed";
@ -21,7 +21,7 @@
./services/mautrix-signal.nix
./services/router.nix
./services/syncthing.nix
"${mrobbetts-extra}/tc_cake.nix"
../modules/tc-cake.nix
];
hardware.cpu.amd.updateMicrocode = true;


@ -249,22 +249,6 @@
"url": "https://git.chir.rs/CarolineHusky/MiiFox.net"
}
},
"mrobbetts-extra": {
"flake": false,
"locked": {
"lastModified": 1651793149,
"narHash": "sha256-b2PGTx8FOypHN5yvyAYYfeBqI0MLAQ4t+9g1NJGSTvM=",
"owner": "mrobbetts",
"repo": "nixos_extra_modules",
"rev": "0fb4e94fceaef7fed497562bab31922a6bfd24b3",
"type": "github"
},
"original": {
"owner": "mrobbetts",
"repo": "nixos_extra_modules",
"type": "github"
}
},
"newNixpkgs": {
"locked": {
"lastModified": 1647380550,
@ -488,7 +472,6 @@
"hosts-list": "hosts-list",
"hydra": "hydra",
"miifox-net": "miifox-net",
"mrobbetts-extra": "mrobbetts-extra",
"nix": "nix",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_5",


@ -24,8 +24,6 @@ rec {
miifox-net.url = "git+https://git.chir.rs/CarolineHusky/MiiFox.net";
miifox-net.flake = false;
nixpkgs-systemd-249.url = github:NixOS/nixpkgs/47494ea53c11312dcbf8e453a13f8e605814aa0f;
mrobbetts-extra.url = github:mrobbetts/nixos_extra_modules;
mrobbetts-extra.flake = false;
};
outputs = { self, nixpkgs, sops-nix, home-manager, chir-rs, nur, polymc, ... } @ args:

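--- a/modules/tc-cake.nix
+++ b/modules/tc-cake.nix
@@ -0,0 +1,186 @@
+# Taken from https://github.com/mrobbetts/nixos_extra_modules/blob/main/tc_cake.nix
+{ config, lib, pkgs, ... }:
+with lib;
+let
+cfg = config.networking.tc_cake;
+generateUnit = name: opts: nameValuePair "tc_cake-${name}" {
+description = "AQM (Cake) rules for ${name}.";
+bindsTo = [ "sys-subsystem-net-devices-${name}.device" ];
+after = [ "sys-subsystem-net-devices-${name}.device" "network-pre.target" ];
+requires = [ "sys-subsystem-net-devices-${name}.device" ];
+before = [ "network.target" ];
+wantedBy = [ "sys-subsystem-net-devices-${name}.device" ];
+serviceConfig = {
+Type = "oneshot";
+RemainAfterExit = true;
+ExecStart = pkgs.writeTextFile {
+name = "tc-${name}-start";
+executable = true;
+text = ''
+#! ${pkgs.runtimeShell} -e
+# Offloading.
+${optionalString opts.disableOffload ''
+${pkgs.ethtool}/bin/ethtool -K ${name} gro off gso off tso off
+''}
+# Egress control.
+${optionalString (opts.shapeEgress.bandwidth != null) ''
+${pkgs.iproute}/bin/tc qdisc add dev ${name} root cake bandwidth ${opts.shapeEgress.bandwidth} ${opts.shapeEgress.extraArgs}
+''}
+# Ingress control.
+${optionalString (opts.shapeIngress.bandwidth != null) ''
+${pkgs.iproute}/bin/tc qdisc add dev ${name} handle ffff: ingress
+${pkgs.iproute}/bin/tc qdisc add dev ${opts.shapeIngress.ifb} root cake bandwidth ${opts.shapeIngress.bandwidth} ingress
+${pkgs.iproute}/bin/tc filter add dev ${name} parent ffff: protocol ip u32 match u32 0 0 action mirred egress redirect dev ${opts.shapeIngress.ifb}
+''}
+'';
+};
+ExecStop = pkgs.writeTextFile {
+name = "tc-${name}-stop";
+executable = true;
+text = ''
+#! ${pkgs.runtimeShell} -e
+# Ingress control.
+${optionalString (opts.shapeIngress.bandwidth != null) ''
+${pkgs.iproute}/bin/tc qdisc del dev ${opts.shapeIngress.ifb} root
+${pkgs.iproute}/bin/tc qdisc del dev ${name} parent ffff:
+''}
+# Egress control.
+${optionalString (opts.shapeEgress.bandwidth != null) ''
+${pkgs.iproute}/bin/tc qdisc del dev ${name} root
+''}
+# Offloading.
+${optionalString opts.disableOffload ''
+${pkgs.ethtool}/bin/ethtool -K ${name} gro on gso on tso on
+''}
+'';
+};
+};
+restartIfChanged = true;
+};
+in
+{
+###### interface
+options = {
+networking.tc_cake = mkOption {
+default = { };
+type = types.attrsOf (types.submodule {
+options = {
+disableOffload = mkOption {
+default = false;
+type = types.bool;
+description = ''
+Enabling this will ensure all hardware offloading (to the NIC) is disabled.
+'';
+};
+shapeEgress = mkOption {
+type = (types.submodule {
+options = {
+bandwidth = mkOption {
+default = null;
+type = types.nullOr types.str;
+example = "16mbit";
+description = ''
+A string describing the available outgoing bandwidth, compatible with `tc`.
+'';
+};
+extraArgs = mkOption {
+default = "";
+type = types.str;
+example = "nat overhead 18 mpu 64 noatm ack-filter";
+description = ''
+Additional arguments/flags for the cake qdisc creation.
+'';
+};
+};
+});
+default = {
+bandwidth = null;
+extraArgs = "";
+};
+description = ''
+Submodule describing how to shape egress traffic.
+'';
+};
+shapeIngress = mkOption {
+type = (types.submodule {
+options = {
+bandwidth = mkOption {
+default = null;
+type = types.nullOr types.str;
+example = "75mbit";
+description = ''
+A string describing the available incoming bandwidth, compatible with `tc`.
+'';
+};
+ifb = mkOption {
+default = "ifb0";
+type = types.str;
+example = "ifb0";
+description = ''
+The IFB device to use during ingress shaping. Must be unique to this interface.
+'';
+};
+};
+});
+default = {
+bandwidth = null;
+ifb = "ifb0";
+};
+description = ''
+Submodule describing how to shape ingress traffic.
+'';
+};
+};
+});
+description = ''
+The list of traffic control commands, one entry per interface.
+'';
+};
+};
+###### Implementation
+config = mkIf (cfg != { }) {
+# systemd.services = mapAttrs generateUnit cfg;
+systemd.services = listToAttrs (mapAttrsToList generateUnit cfg);
+boot.kernelModules = [
+"ifb"
+"sch_cake"
+"sch_red"
+"mirred"
+];
+};
+}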
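Review bot: The ingress filter in the ExecStart script matches `protocol ip` only, so IPv6 traffic arriving on the interface is never redirected to the IFB and bypasses the ingress cake shaper; `protocol all` covers both families: `tc filter add dev ${name} parent ffff: protocol all u32 match u32 0 0 action mirred egress redirect dev ${opts.shapeIngress.ifb}`. The script also never brings the IFB device up, and a mirred redirect to a device that is down drops the packets, so unless the link is raised elsewhere in the configuration an `ip link set dev ${opts.shapeIngress.ifb} up` is needed before the filter is added. Separately, `name`, `bandwidth` and `ifb` are spliced unquoted into a script that this unit runs with systemd's default (root) privileges; wrapping them in `lib.escapeShellArg` keeps an unusual attribute name or option value from being parsed as shell syntax (`extraArgs` is meant to be word-split and has to stay raw). The header comment points at `blob/main`, a moving branch; citing the upstream commit the copy was taken from would keep the vendored file auditable.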