Tinc

`services.tinc.networks`

Defines the tinc networks which will be started. Each network invokes a different daemon.

Type: attribute set of (submodule)

Default

{ }

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.bindToAddress`

The ip address to bind to (both listen on and send packets from).

Type: null or string

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.chroot`

Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security. The chroot is performed after all the initialization is done, after writing pid files and opening network sockets.

Note that this currently breaks dns resolution and tinc can't run scripts anymore (such as tinc-down or host-up), unless it is setup to be runnable inside chroot environment.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.debugLevel`

The amount of debugging information to add to the log. 0 means little logging while 5 is the most logging. {command}man tincd for more details.

Type: signed integer

Default

0

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.ed25519PrivateKeyFile`

Path of the private ed25519 keyfile.

Type: null or path

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.extraConfig`

Extra lines to add to the tinc service configuration file.

Note that using the declarative {option}service.tinc.networks.<name>.settings option is preferred.

Type: strings concatenated with "\n"

Default

""

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.hostSettings`

The name of the host in the network as well as the configuration for that host. This name should only contain alphanumerics and underscores.

Type: attribute set of (submodule)

Default

{ }

Example

{host1 = {addresses = [{ address = "192.168.1.42"; }{ address = "192.168.1.42"; port = 1655; }];subnets = [ { address = "10.0.0.42"; } ];rsaPublicKey = "...";settings = {Ed25519PublicKey = "...";};};host2 = {subnets = [ { address = "10.0.1.0"; prefixLength = 24; weight = 2; } ];rsaPublicKey = "...";settings = {Compression = 10;};};}

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.hostSettings.<name>.addresses`

The external address where the host can be reached. This will set this host's {option}settings.Address option.

This variable is only required if you want to connect to this host.

Type: list of (submodule)

Default

[ ]

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.hostSettings.<name>.addresses.*.address`

The external IP address or hostname where the host can be reached. Type: string

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.hostSettings.<name>.addresses.*.port`

The port where the host can be reached.

If no port is specified, the default Port is used.

Type: null or 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.hostSettings.<name>.rsaPublicKey`

Legacy RSA public key of the host in PEM format, including start and end markers.

This will be appended as-is in the host's configuration file.

The ed25519 public key can be specified using the {option}settings.Ed25519PublicKey option instead.

Type: string

Default

""

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.hostSettings.<name>.settings`

Configuration for this host.

See https://tinc-vpn.org/documentation-1.1/Host-configuration-variables.html for supported values.

Type: attribute set of (boolean or string or signed integer or list of (boolean or string or signed integer))

Default

{ }

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.hostSettings.<name>.subnets`

The subnets which this tinc daemon will serve. This will set this host's {option}settings.Subnet option.

Tinc tries to look up which other daemon it should send a packet to by searching the appropriate subnet. If the packet matches a subnet, it will be sent to the daemon who has this subnet in his host configuration file.

Type: list of (submodule)

Default

[ ]

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.hostSettings.<name>.subnets.*.address`

The subnet of this host.

Subnets can either be single MAC, IPv4 or IPv6 addresses, in which case a subnet consisting of only that single address is assumed, or they can be a IPv4 or IPv6 network address with a prefix length.

IPv4 subnets are notated like 192.168.1.0/24, IPv6 subnets are notated like fec0:0:0:1::/64. MAC addresses are notated like 0:1a:2b:3c:4d:5e.

Note that subnets like 192.168.1.1/24 are invalid.

Type: string

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.hostSettings.<name>.subnets.*.prefixLength`

The prefix length of the subnet.

If null, a subnet consisting of only that single address is assumed.

This conforms to standard CIDR notation as described in RFC1519.

Type: null or signed integer

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.hostSettings.<name>.subnets.*.weight`

Indicates the priority over identical Subnets owned by different nodes.

Lower values indicate higher priority. Packets will be sent to the node with the highest priority, unless that node is not reachable, in which case the node with the next highest priority will be tried, and so on.

Type: unsigned integer, meaning >=0

Default

10

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.hosts`

The name of the host in the network as well as the configuration for that host. This name should only contain alphanumerics and underscores.

Note that using the declarative {option}service.tinc.networks.<name>.hostSettings option is preferred.

Type: attribute set of strings concatenated with "\n"

Default

{ }

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.interfaceType`

The type of virtual interface used for the network connection.

Type: one of "tun", "tap"

Default

"tun"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.listenAddress`

The ip address to listen on for incoming connections.

Type: null or string

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/tinc.nix

`services.tinc.networks.<name>.name`

The name of the node which is used as an identifier when communicating with the remote nodes in the mesh. If null then the hostname of the system is used to derive a name (note that tinc may replace non-alphanumeric characters in hostnames by underscores).

Type: null or string