How to configure advanced network settings in OpenMediaVault

OpenMediaVault is a very powerful NAS solution built on top of Debian, and it is what I chose to run on my main server at home. It has plugins for nearly everything you can possibly need, all integrated into a nice intuitive interface, and it is capable of doing a lot more than just serving files. However, one aspect where OMV falls a bit short is networking flexibility.

For basic configurations the web GUI is more than enough, offering options to configure Ethernet, Wi-Fi, VLANs, bonds, and bridges, but as soon as you need anything less common, like creating a macvlan interface, or a VLAN on top of a bridge (as is the case for this post), using the GUI stops being an option.

I decided to write this post as documentation for myself, and also to help any others who may be looking to try a networking setup not covered by OMV's GUI.

Understanding what's under the hood

Since version 5, OMV uses Salt to handle system configuration, which applies a number of templates for various services and settings based on the values set in the web GUI. For networking in particular, Salt will create YAML config files for another service called Netplan, a network configuration tool developed by Canonical. Finally, Netplan will "render" your network settings with systemd-networkd.

In summary:

OMV --> Salt --> Netplan --> systemd-networkd

Making changes that stick

Netplan is the point along that chain where we will make our changes.

If you navigate to /etc/netplan in your server, you should have at least one config file named 10-openmediavault-default.yaml. Do not make changes to this file, as it will be overwritten by Salt the next time a change is applied. Instead, we will create a new YAML file that is much lower than this one in hierarchy (smaller number in file name= higher hierarchy), so it gets merged in when Netplan applies it's configuration, but will not get overwritten since OMV/Salt don't know about it.

network:

  ethernets:
    eno1: {}
    eno2: {}

  bridges:
    br0:
      interfaces:
      - eno1
      - eno2
      addresses:
      - 192.168.1.5/24
      gateway4: 192.168.1.1
      nameservers:
        search:
        - lan
        addresses:
        - 192.168.1.4

  vlans:
    br0.10:
      id: 10
      link: br0
    br0.20:
      id: 20
      link: br0

In the file above I have defined two interfaces with empty configs, then defined a bridge containing these interfaces, along with the bridge's untagged IP configuration. Lastly, I have defined two VLAN interfaces on top of the bridge, which is the whole reason for this exercise: despite it being a valid configuration, it is just not possible to do this from the web GUI in OMV.

To apply our changes, simply run:

$ sudo netplan apply

A friendly reminder

"With great power comes great responsibility", etc, etc.
Configuring your network directly like this empowers your to shoot yourself in the foot, so make sure you understand what you're doing.