authorNikita Uvarov <uv.nikita@gmail.com>2018-10-29 12:26:18 +0100
committerNikita Uvarov <uv.nikita@gmail.com>2018-10-29 14:02:50 +0100
commit6d4b02df3f8cbc51b35b31208c4127b45d60f431 (patch)
tree3cbdfa599f1a84d01af1fed37f1f0c6e6a9bda51 /nixos/modules/virtualisation/containers.nix
parent188ce907e3933c7f079aff7b5cca4b3e46cc0a35 (diff)
nixos/containers: don't create veths if not configured
Previously, setting "privateNetwork = true" without specifying host and
local addresses would create unconfigured interfaces: ve-$INSTANCE on the host
and eth0 inside the container.

These changes are a rebased part of the original PR #3021.
Diffstat (limited to 'nixos/modules/virtualisation/containers.nix')
-rw-r--r--nixos/modules/virtualisation/containers.nix14
1 files changed, 9 insertions, 5 deletions
diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix
index 8fe59badd33..50ee89168ee 100644
--- a/nixos/modules/virtualisation/containers.nix
+++ b/nixos/modules/virtualisation/containers.nix
@@ -36,7 +36,7 @@ let
         #! ${pkgs.runtimeShell} -e
 
         # Initialise the container side of the veth pair.
-        if [ "$PRIVATE_NETWORK" = 1 ]; then
+        if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then
 
           ip link set host0 name eth0
           ip link set dev eth0 up
@@ -85,6 +85,10 @@ let
       cp --remove-destination /etc/resolv.conf "$root/etc/resolv.conf"
 
       if [ "$PRIVATE_NETWORK" = 1 ]; then
+        extraFlags+=" --private-network"
+      fi
+
+      if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then
         extraFlags+=" --network-veth"
         if [ -n "$HOST_BRIDGE" ]; then
           extraFlags+=" --network-bridge=$HOST_BRIDGE"
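Review bot: A container configured with only `HOST_BRIDGE` (no `HOST_ADDRESS` or `LOCAL_ADDRESS`) now gets `--private-network` but neither `--network-veth` nor `--network-bridge`, because the bridge test is nested inside the new address check. It ends up with loopback only, which fails closed but silently drops connectivity for bridge setups that obtain their address from inside the container. The guard should include the bridge, `if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] || [ -n "$HOST_BRIDGE" ]; then`. The same condition is repeated in the container init hunk (@@ -36), the cleanup hunk (@@ -153) and the host-side setup hunk (@@ -200), where the `-z "$HOST_BRIDGE"` branch shows a bridge case is expected. Any IPv6 address variables the module defines are not visible here and would presumably need the same treatment; the enclosing `if` continues past the end of this hunk.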
@@ -153,7 +157,7 @@ let
       # Clean up existing machined registration and interfaces.
       machinectl terminate "$INSTANCE" 2> /dev/null || true
 
-      if [ "$PRIVATE_NETWORK" = 1 ]; then
+      if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then
         ip link del dev "ve-$INSTANCE" 2> /dev/null || true
         ip link del dev "vb-$INSTANCE" 2> /dev/null || true
       fi
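Review bot: Guarding the interface cleanup on the current address variables can leave a stale `ve-$INSTANCE` or `vb-$INSTANCE` on the host if an earlier run created one and the configuration has since dropped its addresses or uses only a bridge. Both `ip link del` calls already discard errors with `2> /dev/null || true`, so running them unconditionally costs nothing and keeps leftover host-side interfaces from outliving a configuration change. I would drop the `if` around them, or add a comment such as `# only configured containers ever get a veth, see start script` if the guard is intentional.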
@@ -200,7 +204,7 @@ let
           '';
     in
       ''
-        if [ "$PRIVATE_NETWORK" = 1 ]; then
+        if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then
           if [ -z "$HOST_BRIDGE" ]; then
             ifaceHost=ve-$INSTANCE
             ip link set dev $ifaceHost up
@@ -349,7 +353,7 @@ let
         List of forwarded ports from host to container. Each forwarded port
         is specified by protocol, hostPort and containerPort. By default,
         protocol is tcp and hostPort and containerPort are assumed to be
-        the same if containerPort is not explicitly given. 
+        the same if containerPort is not explicitly given.
       '';
     };
 
@@ -694,7 +698,7 @@ in
     # container so that container@.target can get the container
     # configuration.
     environment.etc =
-      let mkPortStr = p: p.protocol + ":" + (toString p.hostPort) + ":" + (if p.containerPort == null then toString p.hostPort else toString p.containerPort); 
+      let mkPortStr = p: p.protocol + ":" + (toString p.hostPort) + ":" + (if p.containerPort == null then toString p.hostPort else toString p.containerPort);
       in mapAttrs' (name: cfg: nameValuePair "containers/${name}.conf"
       { text =
           ''