Server7: define container options within per-container configs

Emery Hemingway 2020-01-26 13:13:48 +01:00
parent a203683694
commit d17a7e01e9
4 changed files with 47 additions and 43 deletions


@ -1,25 +1,25 @@
{ config, pkgs, lib, ... }:
name:
{
imports = [
../../../../lib/hq.nix
];
(import ../outer-defaults.nix name) // {
config = { config, pkgs, lib, ... }: {
imports = [ (../inner-defaults.nix) (../../../../lib/yggdrasil-hq.nix) ];
services.uhub = {
enable = true;
enableTLS = false;
hubConfig = ''
hub_name=c3d2
hub_description=<<</>>
'';
plugins.history.enable = true;
plugins.welcome = {
services.uhub = {
enable = true;
motd = config.users.motd;
enableTLS = false;
hubConfig = ''
hub_name=c3d2
hub_description=<<</>>
'';
plugins.history.enable = true;
plugins.welcome = {
enable = true;
motd = config.users.motd;
};
};
networking.firewall.allowedTCPPorts = [ config.services.uhub.port ];
hq.yggdrasil.enable = true;
};
networking.firewall.allowedTCPPorts = [ config.services.uhub.port ];
hq.yggdrasil.enable = true;
}
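Review bot: `enableTLS = false` in `services.uhub` is carried over unchanged while `networking.firewall.allowedTCPPorts` opens the hub port, so clients reaching the container over the HQ bridge talk to the hub without transport encryption. Yggdrasil peers are covered by the overlay's own encryption, but hosts on `br0` presumably are not. Either enable TLS with a certificate configured, or record the decision beside the option, e.g. `# TLS off on purpose: hub is reachable only from HQ and Yggdrasil`. Separately, `//` is a shallow merge, so any top-level attribute set in this file replaces the one from `outer-defaults.nix` wholesale rather than merging with it.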


@ -5,31 +5,9 @@ let
containerFunc = name:
# Generate a container expression from the directory at `name`.
with builtins;
let
hash = hashString "sha256" name;
hextet0 = substring 0 4 hash;
hextet1 = substring 4 4 hash;
in {
{
inherit name;
value = {
# These are attributes common to each container
# from the perspective of the host.
autoStart = true;
privateNetwork = true;
hostBridge = "br0";
localAddress6 = "${yggaddr.prefix}:${hextet0}:${hextet1}:c3d2/64";
# Generate a deterministic IPv6 address for the container.
# This address is accessible within HQ and Yggdrasil but not from ARPANET.
config = { ... }: {
imports = [ ../../../lib (./. + "/${name}") ];
c3d2 = {
isInHq = true;
mapHqHosts = true;
hq.interface = "eth0";
};
};
};
value = import (./. + "/${name}") name;
};
containerDir = builtins.readDir ../containers;
@ -47,7 +25,7 @@ in {
lxc.containers = {
trivial = {
nixos-config = "/tmp/trivial.nix";
lxc = {};
lxc = { };
};
};
}
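Review bot: With `value = import (./. + "/${name}") name;` the host-side isolation settings (`privateNetwork = true`, `hostBridge`, `localAddress6`) are no longer applied by `containerFunc`; they apply only when a container file chooses to merge `outer-defaults.nix`. A container directory that omits the merge would presumably fall back to the module defaults, which for `privateNetwork` means sharing the host's network namespace. Consider keeping the defaults enforced here and letting containers override them, e.g. `value = (import ./outer-defaults.nix name) // (import (./. + "/${name}") name);` (path assumed from the `../outer-defaults.nix` import in the container file). The same applies to the guest-side module: nothing checks that a container lists `inner-defaults.nix` in its `imports`.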


@ -0,0 +1,8 @@
{ ... }: {
imports = [ ../../../lib ];
c3d2 = {
isInHq = true;
mapHqHosts = true;
hq.interface = "eth0";
};
}
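Review bot: The values here are meant as defaults, but `isInHq`, `mapHqHosts` and `hq.interface` are assigned at normal priority. A container that sets a different value in its own config will presumably get a conflicting-definitions error instead of an override. If overriding is intended, take `lib` in the arguments (`{ lib, ... }:`) and write e.g. `hq.interface = lib.mkDefault "eth0";`. A one-line header such as `# Defaults applied inside every HQ container (guest side).` would also mirror the host-side comment in the outer defaults file.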


@ -0,0 +1,18 @@
name:
let yggaddr = import ../yggaddr.nix;
in {
# These the container defaults from the perspective of the host.
autoStart = true;
privateNetwork = true;
hostBridge = "br0";
localAddress6 = with builtins; let
hash = hashString "sha256" name;
hextet0 = substring 0 4 hash;
hextet1 = substring 4 4 hash;
in "${yggaddr.prefix}:${hextet0}:${hextet1}:c3d2/64";
# Generate a deterministic IPv6 address for the container.
# This address is accessible within HQ and Yggdrasil but not from ARPANET.
}
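Review bot: The two comment lines describing the address sit after `localAddress6` at the end of the set, and the header comment reads "These the container defaults". Move the address comment above `localAddress6 =` and change the header to `# These are the container defaults from the perspective of the host.`. That comment could also state that only the first 32 bits of the SHA-256 of `name` go into the address, so two container names could in principle map to the same address, and nothing in this file detects that. Since the reachability claim ("not from ARPANET") is the security property readers will rely on, it is worth saying there what enforces it (presumably the Yggdrasil prefix and bridge setup, which are not visible here).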