nixos/containers: don't create veths if not configured

Previously, setting "privateNetwork = true" without specifying host and local addresses would create unconfigured interfaces: ve-$INSTANCE on the host and eth0 inside the container. These changes is rebased part of the original PR #3021.
2025-07-13 21:50:33 +03:00 · 2018-10-29 12:26:18 +01:00 · 2018-10-29 12:26:18 +01:00 · 6d4b02df3f
commit 6d4b02df3f
parent 188ce907e3
1 changed files with 9 additions and 5 deletions
--- a/nixos/modules/virtualisation/containers.nix
+++ b/nixos/modules/virtualisation/containers.nix
@ -36,7 +36,7 @@ let
        #! ${pkgs.runtimeShell} -e

        # Initialise the container side of the veth pair.
-        if [ "$PRIVATE_NETWORK" = 1 ]; then
+        if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then

          ip link set host0 name eth0
          ip link set dev eth0 up
@ -85,6 +85,10 @@ let
      cp --remove-destination /etc/resolv.conf "$root/etc/resolv.conf"

      if [ "$PRIVATE_NETWORK" = 1 ]; then
+        extraFlags+=" --private-network"
+      fi
+
+      if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then
        extraFlags+=" --network-veth"
        if [ -n "$HOST_BRIDGE" ]; then
          extraFlags+=" --network-bridge=$HOST_BRIDGE"
@ -153,7 +157,7 @@ let
      # Clean up existing machined registration and interfaces.
      machinectl terminate "$INSTANCE" 2> /dev/null || true

-      if [ "$PRIVATE_NETWORK" = 1 ]; then
+      if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then
        ip link del dev "ve-$INSTANCE" 2> /dev/null || true
        ip link del dev "vb-$INSTANCE" 2> /dev/null || true
      fi
@ -200,7 +204,7 @@ let
          '';
    in
      ''
-        if [ "$PRIVATE_NETWORK" = 1 ]; then
+        if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ]; then
          if [ -z "$HOST_BRIDGE" ]; then
            ifaceHost=ve-$INSTANCE
            ip link set dev $ifaceHost up