movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 21:50:33 +03:00
Code Activity

nixos/containers: don't create veths if not configured

Browse source 
Previously, setting "privateNetwork = true" without specifying host and
local addresses would create unconfigured interfaces: ve-$INSTANCE on the host
and eth0 inside the container.

These changes is rebased part of the original PR #3021.
This commit is contained in:
Nikita Uvarov 2018-10-29 12:26:18 +01:00
parent 188ce907e3
commit 6d4b02df3f
No known key found for this signature in database
GPG key ID: F7A5FB3A7C10EF96
1 changed files with 9 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

14
nixos/modules/virtualisation/containers.nix
View file

@ -36,7 +36,7 @@ let
#! ${pkgs.runtimeShell} -e #! ${pkgs.runtimeShell} -e
# Initialise the container side of the veth pair. # Initialise the container side of the veth pair.
if [ "$PRIVATE_NETWORK" = 1 ]; then if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then
ip link set host0 name eth0 ip link set host0 name eth0
ip link set dev eth0 up ip link set dev eth0 up
@ -85,6 +85,10 @@ let
cp --remove-destination /etc/resolv.conf "$root/etc/resolv.conf" cp --remove-destination /etc/resolv.conf "$root/etc/resolv.conf"
if [ "$PRIVATE_NETWORK" = 1 ]; then if [ "$PRIVATE_NETWORK" = 1 ]; then
extraFlags+=" --private-network"
fi
if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then
extraFlags+=" --network-veth" extraFlags+=" --network-veth"
if [ -n "$HOST_BRIDGE" ]; then if [ -n "$HOST_BRIDGE" ]; then
extraFlags+=" --network-bridge=$HOST_BRIDGE" extraFlags+=" --network-bridge=$HOST_BRIDGE"
@ -153,7 +157,7 @@ let
# Clean up existing machined registration and interfaces. # Clean up existing machined registration and interfaces.
machinectl terminate "$INSTANCE" 2> /dev/null || true machinectl terminate "$INSTANCE" 2> /dev/null || true
if [ "$PRIVATE_NETWORK" = 1 ]; then if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then
ip link del dev "ve-$INSTANCE" 2> /dev/null || true ip link del dev "ve-$INSTANCE" 2> /dev/null || true
ip link del dev "vb-$INSTANCE" 2> /dev/null || true ip link del dev "vb-$INSTANCE" 2> /dev/null || true
fi fi
@ -200,7 +204,7 @@ let
''; '';
in in
'' ''
if [ "$PRIVATE_NETWORK" = 1 ]; then if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then
if [ -z "$HOST_BRIDGE" ]; then if [ -z "$HOST_BRIDGE" ]; then
ifaceHost=ve-$INSTANCE ifaceHost=ve-$INSTANCE
ip link set dev $ifaceHost up ip link set dev $ifaceHost up
@ -349,7 +353,7 @@ let
List of forwarded ports from host to container. Each forwarded port List of forwarded ports from host to container. Each forwarded port
is specified by protocol, hostPort and containerPort. By default, is specified by protocol, hostPort and containerPort. By default,
protocol is tcp and hostPort and containerPort are assumed to be protocol is tcp and hostPort and containerPort are assumed to be
the same if containerPort is not explicitly given. the same if containerPort is not explicitly given.
''; '';
}; };
@ -694,7 +698,7 @@ in
# container so that container@.target can get the container # container so that container@.target can get the container
# configuration. # configuration.
environment.etc = environment.etc =
let mkPortStr = p: p.protocol + ":" + (toString p.hostPort) + ":" + (if p.containerPort == null then toString p.hostPort else toString p.containerPort); let mkPortStr = p: p.protocol + ":" + (toString p.hostPort) + ":" + (if p.containerPort == null then toString p.hostPort else toString p.containerPort);
in mapAttrs' (name: cfg: nameValuePair "containers/${name}.conf" in mapAttrs' (name: cfg: nameValuePair "containers/${name}.conf"
{ text = { text =
'' ''