Server7: define container options within per-container configs
parent
a203683694
commit
d17a7e01e9
|
@ -1,25 +1,25 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
name:
|
||||
|
||||
{
|
||||
imports = [
|
||||
../../../../lib/hq.nix
|
||||
];
|
||||
(import ../outer-defaults.nix name) // {
|
||||
config = { config, pkgs, lib, ... }: {
|
||||
imports = [ (../inner-defaults.nix) (../../../../lib/yggdrasil-hq.nix) ];
|
||||
|
||||
services.uhub = {
|
||||
enable = true;
|
||||
enableTLS = false;
|
||||
hubConfig = ''
|
||||
hub_name=c3d2
|
||||
hub_description=<<</>>
|
||||
'';
|
||||
plugins.history.enable = true;
|
||||
plugins.welcome = {
|
||||
services.uhub = {
|
||||
enable = true;
|
||||
motd = config.users.motd;
|
||||
enableTLS = false;
|
||||
hubConfig = ''
|
||||
hub_name=c3d2
|
||||
hub_description=<<</>>
|
||||
'';
|
||||
plugins.history.enable = true;
|
||||
plugins.welcome = {
|
||||
enable = true;
|
||||
motd = config.users.motd;
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ config.services.uhub.port ];
|
||||
hq.yggdrasil.enable = true;
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ config.services.uhub.port ];
|
||||
|
||||
hq.yggdrasil.enable = true;
|
||||
}
|
||||
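Review bot: `enableTLS = false;` is carried into the new per-container config right above `networking.firewall.allowedTCPPorts = [ config.services.uhub.port ];`, with no comment saying why a plaintext hub is acceptable. If the intent is that the hub is only reachable inside HQ and over Yggdrasil, say so at the option, e.g. `# TLS off: hub is only reachable via HQ bridge / Yggdrasil, not the public Internet`. Otherwise consider turning TLS on. Separately, `(import ../outer-defaults.nix name) // { config = ...; }` is a shallow merge, so any top-level attribute added to the right-hand set later replaces the host-side default wholesale rather than merging with it; a one-line comment noting that would help the next editor.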
|
|
|
@ -5,31 +5,9 @@ let
|
|||
|
||||
containerFunc = name:
|
||||
# Generate a container expression from the directory at `name`.
|
||||
with builtins;
|
||||
let
|
||||
hash = hashString "sha256" name;
|
||||
hextet0 = substring 0 4 hash;
|
||||
hextet1 = substring 4 4 hash;
|
||||
in {
|
||||
{
|
||||
inherit name;
|
||||
value = {
|
||||
# These are attributes common to each container
|
||||
# from the perspective of the host.
|
||||
autoStart = true;
|
||||
privateNetwork = true;
|
||||
hostBridge = "br0";
|
||||
localAddress6 = "${yggaddr.prefix}:${hextet0}:${hextet1}:c3d2/64";
|
||||
# Generate a deterministic IPv6 address for the container.
|
||||
# This address is accessible within HQ and Yggdrasil but not from ARPANET.
|
||||
config = { ... }: {
|
||||
imports = [ ../../../lib (./. + "/${name}") ];
|
||||
c3d2 = {
|
||||
isInHq = true;
|
||||
mapHqHosts = true;
|
||||
hq.interface = "eth0";
|
||||
};
|
||||
};
|
||||
};
|
||||
value = import (./. + "/${name}") name;
|
||||
};
|
||||
|
||||
containerDir = builtins.readDir ../containers;
|
||||
|
@ -47,7 +25,7 @@ in {
|
|||
lxc.containers = {
|
||||
trivial = {
|
||||
nixos-config = "/tmp/trivial.nix";
|
||||
lxc = {};
|
||||
lxc = { };
|
||||
};
|
||||
};
|
||||
}
|
||||
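Review bot: `value = import (./. + "/${name}") name;` now calls whatever it imports as a function of `name`, and this commit also adds `outer-defaults.nix` and `inner-defaults.nix`, which the uhub config references as `../outer-defaults.nix`, so they appear to sit in the directory that `builtins.readDir ../containers` lists. The code that maps `containerFunc` over `containerDir` is outside this hunk; if it does not keep only entries of type `"directory"`, the two new files would be imported as containers. Host-side options such as `privateNetwork` and `hostBridge` are now decided by each container directory instead of being fixed here, so the comment on `containerFunc` should state that contract, e.g. `# Each container directory must return the full host-side attrset, normally outer-defaults.nix // { config = ...; }`.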
|
|
|
@ -0,0 +1,8 @@
|
|||
{ ... }: {
|
||||
imports = [ ../../../lib ];
|
||||
c3d2 = {
|
||||
isInHq = true;
|
||||
mapHqHosts = true;
|
||||
hq.interface = "eth0";
|
||||
};
|
||||
}
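Review bot: This new file has no header comment, while its sibling `outer-defaults.nix` opens with one describing the host-side view. A matching line such as `# Container defaults from the perspective of the guest; imported by each container's config.` would make the split between the two files clear. `hq.interface = "eth0";` is also worth a short comment that it names the interface inside the container, since the host side uses `hostBridge = "br0"`.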
|
|
@ -0,0 +1,18 @@
|
|||
name:
|
||||
|
||||
let yggaddr = import ../yggaddr.nix;
|
||||
in {
|
||||
# These the container defaults from the perspective of the host.
|
||||
|
||||
autoStart = true;
|
||||
privateNetwork = true;
|
||||
hostBridge = "br0";
|
||||
|
||||
localAddress6 = with builtins; let
|
||||
hash = hashString "sha256" name;
|
||||
hextet0 = substring 0 4 hash;
|
||||
hextet1 = substring 4 4 hash;
|
||||
in "${yggaddr.prefix}:${hextet0}:${hextet1}:c3d2/64";
|
||||
# Generate a deterministic IPv6 address for the container.
|
||||
# This address is accessible within HQ and Yggdrasil but not from ARPANET.
|
||||
}
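Review bot: The two comments after `localAddress6` describe the binding above them and would read better placed before it; the header comment also has a typo (`# These the container defaults` should read `# These are the container defaults`). The statement "accessible within HQ and Yggdrasil but not from ARPANET" reads like a guarantee, but nothing in this file enforces it; reachability depends on `yggaddr.prefix` and on routing and firewalling defined elsewhere, so the comment should say where that is enforced. The address also uses only the first 8 hex digits of the SHA-256 of `name`, so two container names could in principle map to the same address without any evaluation error; a comment noting the truncation would be enough.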
|