Unverified Commit ccdca43d authored by Martin Weinelt's avatar Martin Weinelt
Browse files

nixos/networkmanager: drop default plugin list and toggle 

It is unclear where this list originated, but it doesn't make sense to
ship it with all networkmanager installations. The most excessive plugin
is openconnect, that ships a 250 MB closure including webkitgtk.

Instead users now have to specify the plugins they want explicitly. I
updated the option to give hints on how to find them as best as I can.
parent c6eb8431

nixos/doc/manual/release-notes/rl-2511.section.md

+2 −0
Original line number Diff line number Diff line
@@ -10,6 +10,8 @@ 


- The default PostgreSQL version for new NixOS installations (i.e. with `system.stateVersion >= 25.11`) is v17.



- The NetworkManager module does not ship with a default set of VPN plugins anymore. All required VPN plugins must now be explicitly configured in [`networking.networkmanager.plugins`](#opt-networking.networkmanager.plugins).



## New Modules {#sec-release-25.11-new-modules}



<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->

nixos/modules/services/networking/networkmanager.nix

+23 −23
Original line number Diff line number Diff line
@@ -225,30 +225,37 @@ in 
        type =

          let

            networkManagerPluginPackage = types.package // {

              description = "NetworkManager plug-in";

              description = "NetworkManager plugin package";

              check =

                p:

                lib.assertMsg

                  (types.package.check p && p ? networkManagerPlugin && lib.isString p.networkManagerPlugin)

                  ''

                    Package ‘${p.name}’, is not a NetworkManager plug-in.

                    Package ‘${p.name}’, is not a NetworkManager plugin.

                    Those need to have a ‘networkManagerPlugin’ attribute.

                  '';

            };

          in

          types.listOf networkManagerPluginPackage;

        default = [ ];

        description = ''

          List of NetworkManager plug-ins to enable.

          Some plug-ins are enabled by the NetworkManager module by default.

        example = literalExpression ''

          [

            networkmanager-fortisslvpn

            networkmanager-iodine

            networkmanager-l2tp

            networkmanager-openconnect

            networkmanager-openvpn

            networkmanager-sstp

            networkmanager-strongswan

            networkmanager-vpnc

          ]

        '';

      };



      enableDefaultPlugins = mkOption {

        type = types.bool;

        default = true;

        description = ''

          Enable a set of recommended plugins.

          List of plugin packages to install.



          See <https://search.nixos.org/packages?query=networkmanager-> for available plugin packages.

          and <https://networkmanager.dev/docs/vpn/> for an overview over builtin and external plugins

          and their support status.

        '';

      };
@@ -520,6 +527,11 @@ in 
      "networkmanager"

      "enableStrongSwan"

    ] "Pass `pkgs.networkmanager_strongswan` into `networking.networkmanager.plugins` instead.")

    (mkRemovedOptionModule [

      "networking"

      "networkmanager"

      "enableDefaultPlugins"

    ] "Configure the required plugins explicitly in `networking.networkmanager.plugins`.")

  ];



  ###### implementation
@@ -663,18 +675,6 @@ in 
        useDHCP = false;

      })



      (mkIf cfg.enableDefaultPlugins {

        networkmanager.plugins = with pkgs; [

          networkmanager-fortisslvpn

          networkmanager-iodine

          networkmanager-l2tp

          networkmanager-openconnect

          networkmanager-openvpn

          networkmanager-vpnc

          networkmanager-sstp

        ];

      })



      (mkIf enableIwd {

        wireless.iwd.enable = true;

      })